[Security-bulletin] OpenHarmony 2022年10月安全公告 Security Vulnerabilities in October 2022

2022年10月安全漏洞 发布于2022.10.11 最后更新于2022.10.11 漏洞编号 相关漏洞 漏洞描述 漏洞影响 CVSS3.1基础得分 受影响的版本 受影响的仓库 修复链接 参考链接 OpenHarmony-SA-2022-1001 CVE-2022-42488 启动子系统param服务缺少权限校验。 攻击者可在本地发起攻击，获取root权限，关闭安全特性或对任意服务造成DoS攻击。 8.4 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release startup_init_lite 3.1.x<https://gitee.com/openharmony/startup_init_lite/pulls/1104> 3.1.x<https://gitee.com/openharmony/startup_init_lite/pulls/1074> 本项目组上报 OpenHarmony-SA-2022-1002 CVE-2022-42464 dev/mmz_userdev驱动存在内核内存非法映射漏洞。 攻击者可在本地发起攻击，非法映射内存并进行读写，可提升到root权限或造成设备重启。利用此漏洞需要system UID。 6.7 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS device_board_hisilicon device_hisilicon_hi3516dv300 3.1.x<https://gitee.com/openharmony/device_board_hisilicon/pulls/135> 3.0.x<https://gitee.com/openharmony/device_hisilicon_hi3516dv300/pulls/87> 本项目组上报 OpenHarmony-SA-2022-1003 CVE-2022-41686 dev/mmz_userdev驱动存在越界读写漏洞。 攻击者可在本地发起攻击，越界读写内存地址，造成内存泄露或崩溃。利用此漏洞需要system UID。 5.1 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS device_board_hisilicon device_hisilicon_hispark_taurus 3.1.x<https://gitee.com/openharmony/device_soc_hisilicon/pulls/287> 3.0.x<https://gitee.com/openharmony/device_hisilicon_hispark_taurus/pulls/127> 本项目组上报 OpenHarmony-SA-2022-1004 CVE-2022-42463 通信子系统softbus_server服务的一个回调处理函数存在无需认证和加密的漏洞。 攻击者可以在分布式网络发起攻击，发送蓝牙rfcomm报文到任意远程设备，执行任意命令。 8.3 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release communication_dsoftbus 3.1.x<https://gitee.com/openharmony/communication_dsoftbus/pulls/2348> 本项目组上报 以下为三方库漏洞，只提供CVE、严重程度、受影响的OpenHarmony版本，详细信息请参考三方公告。 CVE 严重程度 受影响的OpenHarmony版本 修复链接 CVE-2022-27405 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.1-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS OpenHarmony-v1.1.0-release到OpenHarmony-v1.1.5-LTS 3.1.x<https://gitee.com/openharmony/third_party_freetype/pulls/32> 3.0.x<https://gitee.com/openharmony/third_party_freetype/pulls/31> 1.1.x<https://gitee.com/openharmony/third_party_freetype/pulls/30> CVE-2022-2959 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/428> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/436> CVE-2022-2991 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/428> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/436> CVE-2022-2938 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/430> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/434> CVE-2022-2586 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/427> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/402> CVE-2022-2588 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/426> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/402> CVE-2022-2585 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/426> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/402> CVE-2022-2503 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/431> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/435> CVE-2022-20369 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/426> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/402> CVE-2022-20368 严重 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/426> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/402> CVE-2022-2639 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/423> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/392> CVE-2022-36123 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/426> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/402> CVE-2022-36946 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/423> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/392> CVE-2022-36879 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/423> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/369> CVE-2022-2327 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/423> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/392> CVE-2022-21505 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/423> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/368> CVE-2021-33655 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/423> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/392> CVE-2021-33656 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/437> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/369> CVE-2022-2861 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/web_webview/pulls/274> CVE-2022-2860 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/web_webview/pulls/274> CVE-2022-2613 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/web_webview/pulls/274> CVE-2022-2612 低 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/web_webview/pulls/274> CVE-2022-2610 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/web_webview/pulls/274> CVE-2022-2607 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/web_webview/pulls/274> CVE-2022-2606 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/web_webview/pulls/274> CVE-2022-2624 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/web_webview/pulls/274> CVE-2022-2623 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/web_webview/pulls/274> CVE-2022-2620 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/web_webview/pulls/274> CVE-2022-2619 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/web_webview/pulls/274> CVE-2022-2617 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/web_webview/pulls/274> CVE-2022-2616 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/web_webview/pulls/274> CVE-2022-2615 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/web_webview/pulls/274> CVE-2022-2614 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/web_webview/pulls/274> CVE-2022-35737 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.5-LTS 3.1.x<https://gitee.com/openharmony/third_party_sqlite/pulls/38> 3.0.x<https://gitee.com/openharmony/third_party_sqlite/pulls/37> CVE-2022-2415 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/third_party_chromium/pulls/35> CVE-2022-1919 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/third_party_chromium/pulls/35> CVE-2022-35252 低 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS OpenHarmony-v1.1.0-release到OpenHarmony-v1.1.5-LTS 3.1.x<https://gitee.com/openharmony/third_party_curl/pulls/83> 3.0.x<https://gitee.com/openharmony/third_party_curl/pulls/85> 1.1.x<https://gitee.com/openharmony/third_party_curl/pulls/86> CVE-2022-3028 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/440> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/442> CVE-2022-2977 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/440> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/442> CVE-2022-2964 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/440> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/442> CVE-2022-39188 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/450> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/477> CVE-2022-3078 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/450> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/477> CVE-2022-2905 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/450> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/477> CVE-2022-39842 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/450> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/477> CVE-2022-3061 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/443> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/444> CVE-2021-29921 严重 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/third_party_python/pulls/19> CVE-2022-0391 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/third_party_python/pulls/23> CVE-2021-3737 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/third_party_python/pulls/20> CVE-2021-4189 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/third_party_python/pulls/21> CVE-2021-3733 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/third_party_python/pulls/22> CVE-2021-28861 高 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.2-Release 3.1.x<https://gitee.com/openharmony/third_party_python/pulls/24> CVE-2022-40307 中 OpenHarmony-v3.1-Release到OpenHarmony-v3.1.3-Release OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.6-LTS 3.1.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/463> 3.0.x<https://gitee.com/openharmony/kernel_linux_5.10/pulls/464>