CVE-2022-41577

Опубликовано: 14 окт. 2022

Источник: nvd

CVSS3: 7.1

EPSS Низкий

Описание

The kernel server has a vulnerability of not verifying the length of the data transferred in the user space.Successful exploitation of this vulnerability may cause out-of-bounds read in the kernel, which affects the device confidentiality and availability.

Ссылки

https://consumer.huawei.com/en/support/bulletin/2022/10/
Vendor Advisory
https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202210-0000001416095697
Vendor Advisory
https://consumer.huawei.com/en/support/bulletin/2022/10/
Vendor Advisory
https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202210-0000001416095697
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*

cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*

cpe:2.3:o:huawei:harmonyos:2.1:*:*:*:*:*:*:*

EPSS

Процентиль: 5%

0.00023

Низкий

7.1 High

CVSS3

Дефекты

CWE-125

Связанные уязвимости

GHSA-4r2p-352m-7q6g