2024

2023

2022

List overview
Download

Security-bulletin October 2022

security@openharmony.io

1 participants
2 discussions

Start a nNew thread

Security Vulnerabilities in October 2022

by Liuxu (louis)

Security Vulnerabilities in October 2022 published October 11,2022 updated October 11,2022 Vulnerability ID related Vulnerability Vulnerability Description Vulnerability Impact CVSS3.1 Base Score affected versions affected projects fix link reference OpenHarmony-SA-2022-1001 CVE-2022-42488 Startup subsystem missed permission validation in param service. Local attackers can install an malicious application on the device to elevate its privileges to the root user, disable security features, or cause DoS by disabling particular services. 8.4 OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release startup_init_lite 3.1.x<https://gitee.com/openharmony/startup_init_lite/pulls/1104> 3.1.x<https://gitee.com/openharmony/startup_init_lite/pulls/1074> Reported by OpenHarmony Team OpenHarmony-SA-2022-1002 CVE-2022-42464 Kernel memory pool override in /dev/mmz_userdev device driver If the processes with system UID run on the device, local attackers would be able to mmap memory pools used by kernel and override them which could be used to gain kernel code execution on the device, gain root privileges, or cause device reboot. 6.7 OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS device_board_hisilicon device_hisilicon_hi3516dv300 3.0.x<https://gitee.com/openharmony/device_board_hisilicon/pulls/135> 3.1.x<https://gitee.com/openharmony/device_hisilicon_hi3516dv300/pulls/87> Reported by OpenHarmony Team OpenHarmony-SA-2022-1003 CVE-2022-41686 Out-of-bound memory read and write in /dev/mmz_userdev device driver. If the processes with system user UID run on the device, local attackers would be able to write out-of-bound memory which could lead to unspecified memory corruption. 5.1 OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS device_board_hisilicon device_hisilicon_hispark_taurus 3.1.x<https://gitee.com/openharmony/device_soc_hisilicon/pulls/287> 3.0.x<https://gitee.com/openharmony/device_hisilicon_hispark_taurus/pulls/127> Reported by OpenHarmony Team OpenHarmony-SA-2022-1004 CVE-2022-42463 Softbus_server in communication subsystem has an authentication bypass vulnerability in a callback handler function. Attackers can launch attacks on distributed networks by sending Bluetooth rfcomm packets to any remote device and executing arbitrary commands. 8.3 OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release communication_dsoftbus 3.1.x<https://gitee.com/openharmony/communication_dsoftbus/pulls/2348> Reported by OpenHarmony Team The following table lists the third-party library vulnerabilities with only the CVE, severity, and affected OpenHarmony versions provided. For more details, see the security bulletins released by third-parties. CVE severity affected OpenHarmony versions fix link CVE-2022-27405 High OpenHarmony-v3.1-Release through OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS OpenHarmony-v1.1.0-release through OpenHarmony-v1.1.5-LTS 3.1.x<https://gitee.com/openharmony/third_party_freetype/pulls/32> 3.0.x<https://gitee.com/openharmony/third_party_freetype/pulls/31> 1.1.x<https://gitee.com/openharmony/third_party_freetype/pulls/30> CVE-2022-2959 High OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/428> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/436> CVE-2022-2991 High OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/428> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/436> CVE-2022-2938 High OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/430> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/434> CVE-2022-2586 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/427> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/402> CVE-2022-2588 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/426> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/402> CVE-2022-2585 High OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/426> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/402> CVE-2022-2503 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/431> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/435> CVE-2022-20369 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/426> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/402> CVE-2022-20368 Critical OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/426> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/402> CVE-2022-2639 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/423> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/392> CVE-2022-36123 High OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/426> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/402> CVE-2022-36946 High OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/423> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/392> CVE-2022-36879 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/423> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/369> CVE-2022-2327 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/423> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/392> CVE-2022-21505 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/423> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/368> CVE-2021-33655 High OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/423> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/392> CVE-2021-33656 High OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/437> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/369> CVE-2022-2861 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/web_webview/pulls/274> CVE-2022-2860 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/web_webview/pulls/274> CVE-2022-2613 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/web_webview/pulls/274> CVE-2022-2612 Low OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/web_webview/pulls/274> CVE-2022-2610 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/web_webview/pulls/274> CVE-2022-2607 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/web_webview/pulls/274> CVE-2022-2606 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/web_webview/pulls/274> CVE-2022-2624 High OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/web_webview/pulls/274> CVE-2022-2623 High OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/web_webview/pulls/274> CVE-2022-2620 High OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/web_webview/pulls/274> CVE-2022-2619 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/web_webview/pulls/274> CVE-2022-2617 High OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/web_webview/pulls/274> CVE-2022-2616 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/web_webview/pulls/274> CVE-2022-2615 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/web_webview/pulls/274> CVE-2022-2614 High OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/web_webview/pulls/274> CVE-2022-35737 High OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.5-LTS 3.1.x<https://gitee.com/openharmony/third_party_sqlite/pulls/38> 3.0.x<https://gitee.com/openharmony/third_party_sqlite/pulls/37> CVE-2022-2415 High OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/third_party_chromium/pulls/35> CVE-2022-1919 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/third_party_chromium/pulls/35> CVE-2022-35252 Low OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS OpenHarmony-v1.1.0-release through OpenHarmony-v1.1.5-LTS 3.1.x<https://gitee.com/openharmony/third_party_curl/pulls/83> 3.0.x<https://gitee.com/openharmony/third_party_curl/pulls/85> 1.1.x<https://gitee.com/openharmony/third_party_curl/pulls/86> CVE-2022-3028 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/440> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/442> CVE-2022-2977 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/440> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/442> CVE-2022-2964 High OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/440> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/442> CVE-2022-39188 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/450> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/477> CVE-2022-3078 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/450> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/477> CVE-2022-2905 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/450> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/477> CVE-2022-39842 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/450> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/477> CVE-2022-3061 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/443> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/444> CVE-2021-29921 Critical OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/third_party_python/pulls/19> CVE-2022-0391 High OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/third_party_python/pulls/23> CVE-2021-3737 High OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/third_party_python/pulls/20> CVE-2021-4189 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/third_party_python/pulls/21> CVE-2021-3733 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/third_party_python/pulls/22> CVE-2021-28861 High OpenHarmony-v3.1-Release through OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/third_party_python/pulls/24> CVE-2022-40307 Medium OpenHarmony-v3.1-Release through OpenHarmony-v3.1.3-Release OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.6-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/463> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/464>

1 year, 6 months

1
0
0 0

OpenHarmony 2022年10月安全公告 Security Vulnerabilities in October 2022

by Liuxu (louis)

2022年10月安全漏洞发布于2022.10.11 最后更新于2022.10.11 漏洞编号相关漏洞漏洞描述漏洞影响 CVSS3.1基础得分受影响的版本受影响的仓库修复链接参考链接 OpenHarmony-SA-2022-1001 CVE-2022-42488 启动子系统param服务缺少权限校验。攻击者可在本地发起攻击，获取root权限，关闭安全特性或对任意服务造成DoS攻击。 8.4 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release startup_init_lite 3.1.x<https://gitee.com/openharmony/startup_init_lite/pulls/1104> 3.1.x<https://gitee.com/openharmony/startup_init_lite/pulls/1074> 本项目组上报 OpenHarmony-SA-2022-1002 CVE-2022-42464 dev/mmz_userdev驱动存在内核内存非法映射漏洞。攻击者可在本地发起攻击，非法映射内存并进行读写，可提升到root权限或造成设备重启。利用此漏洞需要system UID。 6.7 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS device_board_hisilicon device_hisilicon_hi3516dv300 3.1.x<https://gitee.com/openharmony/device_board_hisilicon/pulls/135> 3.0.x<https://gitee.com/openharmony/device_hisilicon_hi3516dv300/pulls/87> 本项目组上报 OpenHarmony-SA-2022-1003 CVE-2022-41686 dev/mmz_userdev驱动存在越界读写漏洞。攻击者可在本地发起攻击，越界读写内存地址，造成内存泄露或崩溃。利用此漏洞需要system UID。 5.1 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS device_board_hisilicon device_hisilicon_hispark_taurus 3.1.x<https://gitee.com/openharmony/device_soc_hisilicon/pulls/287> 3.0.x<https://gitee.com/openharmony/device_hisilicon_hispark_taurus/pulls/127> 本项目组上报 OpenHarmony-SA-2022-1004 CVE-2022-42463 通信子系统softbus_server服务的一个回调处理函数存在无需认证和加密的漏洞。攻击者可以在分布式网络发起攻击，发送蓝牙rfcomm报文到任意远程设备，执行任意命令。 8.3 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release communication_dsoftbus 3.1.x<https://gitee.com/openharmony/communication_dsoftbus/pulls/2348> 本项目组上报以下为三方库漏洞，只提供CVE、严重程度、受影响的OpenHarmony版本，详细信息请参考三方公告。 CVE 严重程度受影响的OpenHarmony版本修复链接 CVE-2022-27405 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS OpenHarmony-v1.1.0-release到OpenHarmony-v1.1.5-LTS 3.1.x<https://gitee.com/openharmony/third_party_freetype/pulls/32> 3.0.x<https://gitee.com/openharmony/third_party_freetype/pulls/31> 1.1.x<https://gitee.com/openharmony/third_party_freetype/pulls/30> CVE-2022-2959 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/428> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/436> CVE-2022-2991 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/428> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/436> CVE-2022-2938 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/430> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/434> CVE-2022-2586 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/427> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/402> CVE-2022-2588 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/426> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/402> CVE-2022-2585 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/426> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/402> CVE-2022-2503 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/431> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/435> CVE-2022-20369 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/426> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/402> CVE-2022-20368 严重 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/426> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/402> CVE-2022-2639 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/423> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/392> CVE-2022-36123 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/426> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/402> CVE-2022-36946 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/423> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/392> CVE-2022-36879 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/423> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/369> CVE-2022-2327 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/423> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/392> CVE-2022-21505 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/423> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/368> CVE-2021-33655 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/423> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/392> CVE-2021-33656 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/437> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/369> CVE-2022-2861 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/web_webview/pulls/274> CVE-2022-2860 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/web_webview/pulls/274> CVE-2022-2613 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/web_webview/pulls/274> CVE-2022-2612 低 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/web_webview/pulls/274> CVE-2022-2610 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/web_webview/pulls/274> CVE-2022-2607 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/web_webview/pulls/274> CVE-2022-2606 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/web_webview/pulls/274> CVE-2022-2624 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/web_webview/pulls/274> CVE-2022-2623 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/web_webview/pulls/274> CVE-2022-2620 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/web_webview/pulls/274> CVE-2022-2619 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/web_webview/pulls/274> CVE-2022-2617 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/web_webview/pulls/274> CVE-2022-2616 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/web_webview/pulls/274> CVE-2022-2615 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/web_webview/pulls/274> CVE-2022-2614 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/web_webview/pulls/274> CVE-2022-35737 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x<https://gitee.com/openharmony/third_party_sqlite/pulls/38> 3.0.x<https://gitee.com/openharmony/third_party_sqlite/pulls/37> CVE-2022-2415 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/third_party_chromium/pulls/35> CVE-2022-1919 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/third_party_chromium/pulls/35> CVE-2022-35252 低 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS OpenHarmony-v1.1.0-release到OpenHarmony-v1.1.5-LTS 3.1.x<https://gitee.com/openharmony/third_party_curl/pulls/83> 3.0.x<https://gitee.com/openharmony/third_party_curl/pulls/85> 1.1.x<https://gitee.com/openharmony/third_party_curl/pulls/86> CVE-2022-3028 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/440> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/442> CVE-2022-2977 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/440> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/442> CVE-2022-2964 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/440> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/442> CVE-2022-39188 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/450> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/477> CVE-2022-3078 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/450> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/477> CVE-2022-2905 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/450> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/477> CVE-2022-39842 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/450> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/477> CVE-2022-3061 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/443> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/444> CVE-2021-29921 严重 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/third_party_python/pulls/19> CVE-2022-0391 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/third_party_python/pulls/23> CVE-2021-3737 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/third_party_python/pulls/20> CVE-2021-4189 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/third_party_python/pulls/21> CVE-2021-3733 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/third_party_python/pulls/22> CVE-2021-28861 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/third_party_python/pulls/24> CVE-2022-40307 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.3-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/463> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/464>

1 year, 6 months

1
0
0 0