Published 2022.10.11
Last updated 2022.10.11
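
| Vulnerability ID | Related vulnerability | Description | Impact | CVSS 3.1 base score | Affected versions | Affected repository | Fix link | Reference link |
| --- | --- | --- | --- | --- | --- | --- | --- | --- |
| OpenHarmony-SA-2022-1001 | CVE-2022-42488 | The param service of the startup subsystem lacks permission checks. | A local attacker can obtain root privileges, disable security features, or cause a DoS on any service. | 8.4 | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | startup_init_lite | Reported by the project team | |
| OpenHarmony-SA-2022-1002 | CVE-2022-42464 | The dev/mmz_userdev driver has an illegal kernel memory mapping vulnerability. | A local attacker can illegally map memory and read and write it, which can escalate privileges to root or cause the device to reboot. Exploiting this vulnerability requires the system UID. | 6.7 | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | device_board_hisilicon | Reported by the project team | |
| OpenHarmony-SA-2022-1003 | CVE-2022-41686 | The dev/mmz_userdev driver has an out-of-bounds read/write vulnerability. | A local attacker can read and write memory addresses out of bounds, causing memory disclosure or a crash. Exploiting this vulnerability requires the system UID. | 5.1 | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | device_board_hisilicon | Reported by the project team | |
| OpenHarmony-SA-2022-1004 | CVE-2022-42463 | A callback handler function in the softbus_server service of the communication subsystem requires neither authentication nor encryption. | An attacker on the distributed network can send Bluetooth rfcomm packets to any remote device and execute arbitrary commands. | 8.3 | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | communication_dsoftbus | Reported by the project team | |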

| CVE | Severity | Affected OpenHarmony versions | Fix link |
| --- | --- | --- | --- |
| CVE-2022-27405 | High | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.1-Release | |
| CVE-2022-2959 | High | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | |
| CVE-2022-2991 | High | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | |
| CVE-2022-2938 | High | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | |
| CVE-2022-2586 | Medium | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | |
| CVE-2022-2588 | Medium | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | |
| CVE-2022-2585 | High | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | |
| CVE-2022-2503 | Medium | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | |
| CVE-2022-20369 | Medium | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | |
| CVE-2022-20368 | Critical | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | |
| CVE-2022-2639 | Medium | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | |
| CVE-2022-36123 | High | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | |
| CVE-2022-36946 | High | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | |
| CVE-2022-36879 | Medium | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | |
| CVE-2022-2327 | Medium | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | |
| CVE-2022-21505 | Medium | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | |
| CVE-2021-33655 | High | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | |
| CVE-2021-33656 | High | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | |
| CVE-2022-2861 | Medium | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | |
| CVE-2022-2860 | Medium | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | |
| CVE-2022-2613 | Medium | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | |
| CVE-2022-2612 | Low | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | |
| CVE-2022-2610 | Medium | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | |
| CVE-2022-2607 | Medium | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | |
| CVE-2022-2606 | Medium | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | |
| CVE-2022-2624 | High | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | |
| CVE-2022-2623 | High | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | |
| CVE-2022-2620 | High | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | |
| CVE-2022-2619 | Medium | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | |
| CVE-2022-2617 | High | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | |
| CVE-2022-2616 | Medium | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | |
| CVE-2022-2615 | Medium | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | |
| CVE-2022-2614 | High | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | |
| CVE-2022-35737 | High | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | |
| CVE-2022-2415 | High | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | |
| CVE-2022-1919 | Medium | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | |
| CVE-2022-35252 | Low | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | |
| CVE-2022-3028 | Medium | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | |
| CVE-2022-2977 | Medium | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | |
| CVE-2022-2964 | High | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | |
| CVE-2022-39188 | Medium | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | |
| CVE-2022-3078 | Medium | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | |
| CVE-2022-2905 | Medium | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | |
| CVE-2022-39842 | Medium | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | |
| CVE-2022-3061 | Medium | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | |
| CVE-2021-29921 | Critical | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | |
| CVE-2022-0391 | High | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | |
| CVE-2021-3737 | High | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | |
| CVE-2021-4189 | Medium | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | |
| CVE-2021-3733 | Medium | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | |
| CVE-2021-28861 | High | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.2-Release | |
| CVE-2022-40307 | Medium | OpenHarmony-v3.1-Release to OpenHarmony-v3.1.3-Release | |