发布于2024.11.05
备注:OpenHarmony-v4.0-Release分支已停止维护,后续这个分支的安全漏洞不再维护,详情参见:
| CVE | 漏洞描述 | 漏洞影响 | CVSS3.1基础得分 | 受影响的版本 | 受影响的仓库 | 修复链接 |
|---|---|---|---|---|---|---|
| CVE-2024-47797 | liteos_a内核越界写漏洞 | 本地攻击者可通过本漏洞获取root权限 | 8.4 | OpenHarmony-v4.0-Release OpenHarmony-v4.1-Release | kernel_liteos_a | |
| CVE-2024-47404 | liteos_a内核内存二次释放漏洞 | 本地攻击者可通过本漏洞获取root权限 | 8.4 | OpenHarmony-v4.0-Release OpenHarmony-v4.1-Release | kernel_liteos_a | |
| CVE-2024-47137 | liteos_a内核越界写漏洞 | 本地攻击者可通过本漏洞获取root权限 | 8.4 | OpenHarmony-v4.0-Release OpenHarmony-v4.1-Release | kernel_liteos_a | |
| CVE-2024-47402 | liteos_a内核越界读漏洞 | 本地攻击者可通过本漏洞造成DOS | 3.3 | OpenHarmony-v4.0-Release OpenHarmony-v4.1-Release | kernel_liteos_a |
| CVE | 严重程度 | CVSS 3.1得分 | 受影响的仓库 | 受影响的OpenHarmony版本 | 修复链接 |
|---|---|---|---|---|---|
| CVE-2024-8088 | 高危 | 7.5 | third_party_python | OpenHarmony-v4.1-Release OpenHarmony-v4.0-Release | |
| CVE-2024-45028 | 中危 | 5.5 | kernel_linux_5.10 | OpenHarmony-v4.1-Release OpenHarmony-v4.0-Release | |
| CVE-2024-45006 | 中危 | 5.5 | kernel_linux_5.10 | OpenHarmony-v4.1-Release OpenHarmony-v4.0-Release | |
| CVE-2024-44987 | 高危 | 7.8 | kernel_linux_5.10 | OpenHarmony-v4.1-Release OpenHarmony-v4.0-Release | |
| CVE-2024-43892 | 中危 | 4.7 | kernel_linux_5.10 | OpenHarmony-v4.1-Release OpenHarmony-v4.0-Release | |
| CVE-2024-43884 | 中危 | 5.5 | kernel_linux_5.10 | OpenHarmony-v4.1-Release OpenHarmony-v4.0-Release | |
| CVE-2024-43882 | 高危 | 7.0 | kernel_linux_5.10 | OpenHarmony-v4.1-Release OpenHarmony-v4.0-Release | |
| CVE-2024-43871 | 中危 | 5.5 | kernel_linux_5.10 | OpenHarmony-v4.1-Release OpenHarmony-v4.0-Release | |
| CVE-2024-43856 | 中危 | 5.5 | kernel_linux_5.10 | OpenHarmony-v4.1-Release OpenHarmony-v4.0-Release | |
| CVE-2024-43853 | 中危 | 5.5 | kernel_linux_5.10 | OpenHarmony-v4.1-Release OpenHarmony-v4.0-Release | |
| CVE-2024-43828 | 中危 | 5.5 | kernel_linux_5.10 | OpenHarmony-v4.1-Release OpenHarmony-v4.0-Release | |
| CVE-2024-42312 | 中危 | 5.5 | kernel_linux_5.10 | OpenHarmony-v4.0-Release | |
| CVE-2024-42305 | 高危 | 8.0 | kernel_linux_5.10 | OpenHarmony-v4.1-Release OpenHarmony-v4.0-Release | |
| CVE-2024-42304 | 中危 | 5.7 | kernel_linux_5.10 | OpenHarmony-v4.0-Release | |
| CVE-2024-42302 | 高危 | 7.8 | kernel_linux_5.10 | OpenHarmony-v4.1-Release OpenHarmony-v4.0-Release | |
| CVE-2024-42283 | 中危 | 5.5 | kernel_linux_5.10 | OpenHarmony-v4.1-Release OpenHarmony-v4.0-Release | |
| CVE-2024-42276 | 中危 | 5.7 | kernel_linux_5.10 | OpenHarmony-v4.1-Release OpenHarmony-v4.0-Release | |
| CVE-2024-42271 | 高危 | 7.8 | kernel_linux_5.10 | OpenHarmony-v4.1-Release OpenHarmony-v4.0-Release | |
| CVE-2024-42106 | 中危 | 4.0 | kernel_linux_5.10 | OpenHarmony-v4.1-Release OpenHarmony-v4.0-Release | |
| CVE-2023-52889 | 中危 | 5.5 | kernel_linux_5.10 | OpenHarmony-v4.1-Release OpenHarmony-v4.0-Release | |
| CVE-2023-52623 | 中危 | 5.5 | kernel_linux_5.10 | OpenHarmony-v4.1-Release OpenHarmony-v4.0-Release | |
| CVE-2023-52615 | 中危 | 4.4 | kernel_linux_5.10 | OpenHarmony-v4.1-Release OpenHarmony-v4.0-Release | |
| CVE-2023-52622 | 中危 | 5.5 | kernel_linux_5.10 | OpenHarmony-v4.1-Release OpenHarmony-v4.0-Release | |
| CVE-2023-52616 | 中危 | 5.5 | kernel_linux_5.10 | OpenHarmony-v4.1-Release OpenHarmony-v4.0-Release | |
| CVE-2023-52886 | 中危 | 6.4 | kernel_linux_5.10 | OpenHarmony-v4.1-Release OpenHarmony-v4.0-Release | |
| CVE-2023-52679 | 中危 | 5.5 | kernel_linux_5.10 | OpenHarmony-v4.1-Release OpenHarmony-v4.0-Release | |
| CVE-2023-52898 | 中危 | 5.5 | kernel_linux_5.10 | OpenHarmony-v4.1-Release OpenHarmony-v4.0-Release | |
| CVE-2024-44969 | 高危 | 8.0 | kernel_linux_5.10 | OpenHarmony-v4.1-Release OpenHarmony-v4.0-Release | |
| CVE-2023-52635 | 中危 | 4.4 | kernel_linux_5.10 | OpenHarmony-v4.1-Release OpenHarmony-v4.0-Release | |
| CVE-2023-7013 | 中危 | 4.3 | web_webview | OpenHarmony-v4.1-Release | |
| CVE-2023-7012 | 低危 | 2.7 | web_webview | OpenHarmony-v4.1-Release OpenHarmony-v4.0-Release | |
| CVE-2023-7011 | 中危 | 4.3 | web_webview | OpenHarmony-v4.1-Release | |
| CVE-2023-7010 | 低危 | 2.7 | web_webview | OpenHarmony-v4.1-Release OpenHarmony-v4.0-Release | |
| CVE-2024-6777 | 中危 | 4.3 | web_webview | OpenHarmony-v4.1-Release | |
| CVE-2024-6778 | 低危 | 3.1 | web_webview | OpenHarmony-v4.1-Release OpenHarmony-v4.0-Release | |
| CVE-2024-3172 | 高危 | 8.8 | web_webview | OpenHarmony-v4.1-Release OpenHarmony-v4.0-Release | |
| CVE-2024-3175 | 中危 | 6.3 | web_webview | OpenHarmony-v4.1-Release OpenHarmony-v4.0-Release | |
| CVE-2024-6996 | 低危 | 3.1 | web_webview | OpenHarmony-v4.1-Release OpenHarmony-v4.0-Release | |
| CVE-2024-7004 | 中危 | 6.3 | web_webview | OpenHarmony-v4.1-Release OpenHarmony-v4.0-Release | |
| CVE-2024-6989 | 中危 | 6.3 | web_webview | OpenHarmony-v4.1-Release OpenHarmony-v4.0-Release | |
| CVE-2024-6119 | 高危 | 7.5 | third_party_openssl | OpenHarmony-v4.0-Release | |
| CVE-2024-42292 | 中危 | 3.5 | kernel_linux_5.10 | OpenHarmony-v4.1-Release OpenHarmony-v4.0-Release | |
| CVE-2024-43834 | 中危 | 4.8 | kernel_linux_5.10 | OpenHarmony-v4.1-Release OpenHarmony-v4.0-Release | |
| CVE-2024-44952 | 中危 | 4.8 | kernel_linux_5.10 | OpenHarmony-v4.1-Release OpenHarmony-v4.0-Release | |
| CVE-2024-46798 | 高危 | 7.1 | kernel_linux_5.10 | OpenHarmony-v4.1-Release OpenHarmony-v4.0-Release | |
| CVE-2024-45018 | 中危 | 5.5 | kernel_linux_5.10 | OpenHarmony-v4.1-Release OpenHarmony-v4.0-Release |