Published July 5, 2022

| Vulnerability ID | Related Vulnerability | Vulnerability Description | Vulnerability Impact | Affected Versions | Affected Projects | Fix Link | Reference |
| --- | --- | --- | --- | --- | --- | --- | --- |
| OpenHarmony-SA-2022-0701 | NA | The Bluetooth component in the communication subsystem has a DoS vulnerability. | Local attackers can trigger a large loop and crash the process. | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | communication_bluetooth | | Reported by OpenHarmony Team |
| OpenHarmony-SA-2022-0702 | NA | The updater in the update subsystem has a null pointer dereference vulnerability. | Local attackers can pass in a null pointer and crash the process. | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | update_updater | | Reported by OpenHarmony Team |
| OpenHarmony-SA-2022-0703 | NA | The dsoftbus in the communication subsystem has an authentication bypass vulnerability which allows an "SA relay attack". | Local attackers can bypass authentication and gain control of the system. | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | communication_dsoftbus | | Reported by OpenHarmony Team |


| CVE | Severity | Affected OpenHarmony Versions | Fix Link |
| --- | --- | --- | --- |
| CVE-2022-1292 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | |
| CVE-2022-27781 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | |
| CVE-2022-27782 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | |
| CVE-2022-0168 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | |
| CVE-2022-0330 | High | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | |
| CVE-2022-0001 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | |
| CVE-2022-0002 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | |
| CVE-2022-23960 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | |
| CVE-2022-0322 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | |
| CVE-2021-32078 | High | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | |
| CVE-2021-38205 | Low | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | |
| CVE-2021-38166 | High | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | |
| CVE-2021-42739 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | |
| CVE-2022-0854 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | |
| CVE-2022-23037 | High | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | |
| CVE-2022-23039 | High | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | |
| CVE-2022-23040 | High | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | |
| CVE-2022-23038 | High | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | |
| CVE-2022-23041 | High | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | |
| CVE-2022-23042 | High | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | |
| CVE-2022-23036 | High | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | |
| CVE-2022-0998 | High | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | |
| CVE-2021-4203 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | |
| CVE-2021-39633 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | |
| CVE-2021-46283 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | |
| CVE-2021-4149 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | |
| CVE-2021-4204 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | |
| CVE-2021-3640 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | |
| CVE-2021-3669 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | |
| CVE-2021-3759 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | |
| CVE-2021-3752 | High | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | |
| CVE-2020-27820 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | |
| CVE-2021-43976 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | |
| CVE-2021-43975 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | |
| CVE-2021-4001 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | |
| CVE-2021-4002 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | |
| CVE-2021-4037 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | |
| CVE-2020-12363 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | |
| CVE-2020-12364 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | |
| CVE-2021-39685 | High | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | |
| CVE-2021-4083 | High | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | |
| CVE-2021-45095 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | |
| CVE-2021-44733 | High | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | |
| CVE-2021-45469 | High | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | |
| CVE-2021-4197 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | |
| CVE-2021-45480 | Medium | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | |
| CVE-2021-4155 | Low | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | |
| CVE-2021-4202 | High | OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.3-LTS | |