[Security-bulletin] OpenHarmony 2023年02月安全公告 Security Vulnerabilities in Feburary 2023

7 Feb 2023

      2023年02月安全漏洞

发布于2022.02.07
最后更新于2022.02.07
漏洞编号

相关漏洞

漏洞描述

漏洞影响

CVSS3.1基础得分

受影响的版本

受影响的仓库

修复链接

参考链接

OpenHarmony-SA-2023-0201

CVE-2023-0083

ArkUI框架子系统未对入参进行类型检查导致类型混淆，造成访问非法内存。

攻击者可在本地内发起攻击，造成当前应用崩溃。

4.0

OpenHarmony-v3.1-Release 到 OpenHarmony-v3.1.5-Release
OpenHarmony-v3.0-LTS 到 OpenHarmony-v3.0.7-LTS

arkui_ace_engine

3.1.xhttps://gitee.com/openharmony/arkui_ace_engine/pulls/8872
3.0.xhttps://gitee.com/openharmony/arkui_ace_engine/pulls/8877

研究员上报

OpenHarmony-SA-2023-0202

CVE-2023-22301

内核子系统中hmdfs存在内核任意内存越界读漏洞。

攻击者可发起远程攻击，可获取目标系统的内核内存数据。

6.5

OpenHarmony-v3.1-Release 到 OpenHarmony-v3.1.5-Release

kernel_linux_5.10

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/656

研究员上报

OpenHarmony-SA-2023-0203

CVE-2023-22436

内核子系统中check_permission_for_set_tokenid函数中存在UAF漏洞。

本地攻击者利用该漏洞攻击可以权限提升，获得root权限。

7.8

OpenHarmony-v3.1-Release 到 OpenHarmony-v3.1.5-Release

kernel_linux_5.10

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/598

研究员上报

以下为三方库漏洞，只提供CVE、严重程度、受影响的OpenHarmony版本，详细信息请参考三方公告。
CVE

严重程度

受影响的OpenHarmony版本

修复链接

CVE-2022-2347

高

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.4-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/third_party_u-boot/pulls/62
3.0.xhttps://gitee.com/openharmony/third_party_u-boot/pulls/63

CVE-2022-4135

严重

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.5-Release

3.1.xhttps://gitee.com/openharmony/web_webview/pulls/546

CVE-2022-4186

中

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.5-Release

3.1.xhttps://gitee.com/openharmony/web_webview/pulls/546

CVE-2022-4438

高

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.5-Release

3.1.xhttps://gitee.com/openharmony/web_webview/pulls/546

CVE-2022-4437

高

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.5-Release

3.1.xhttps://gitee.com/openharmony/web_webview/pulls/546

CVE-2022-4436

高

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.5-Release

3.1.xhttps://gitee.com/openharmony/web_webview/pulls/546

CVE-2022-41218

中

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.4-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/646
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/647

CVE-2022-3424

高

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.5-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/646
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/647

CVE-2022-4129

中

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.4-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/586
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/587

CVE-2022-42328

中

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.5-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/646
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/647

CVE-2022-3643

严重

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.5-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/646
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/647

CVE-2022-3105

中

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.4-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/579
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/580

CVE-2022-3104

中

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.4-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/579
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/580

CVE-2022-3115

中

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.4-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/579
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/580

CVE-2022-3113

中

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.4-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/579
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/580

CVE-2022-3112

中

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.4-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/579
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/580

CVE-2022-3111

中

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.4-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/584
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/585

CVE-2022-3108

中

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.4-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/586
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/587

CVE-2022-3107

中

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.4-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/590
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/591

CVE-2022-3106

中

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.4-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/592
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/593

CVE-2022-47519

中

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.4-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/586
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/587

CVE-2022-43551

中

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.5-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS
OpenHarmony-v1.1.0-Release到OpenHarmony-v1.1.5-LTS

3.1.xhttps://gitee.com/openharmony/third_party_curl/pulls/99
3.0.xhttps://gitee.com/openharmony/third_party_curl/pulls/100
1.1.xhttps://gitee.com/openharmony/third_party_curl/pulls/101

CVE-2022-43552

中

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.5-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS
OpenHarmony-v1.1.0-Release到OpenHarmony-v1.1.5-LTS

3.1.xhttps://gitee.com/openharmony/third_party_curl/pulls/99
3.0.xhttps://gitee.com/openharmony/third_party_curl/pulls/100
1.1.xhttps://gitee.com/openharmony/third_party_curl/pulls/101

CVE-2022-47518

中

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.4-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/586
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/587

CVE-2022-47520

低

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.4-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/586
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/587

CVE-2022-47521

中

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.4-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/586
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/587

CVE-2022-3109

高

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.5-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS
OpenHarmony-v1.1.0-Release到OpenHarmony-v1.1.5-LTS

3.1.xhttps://gitee.com/openharmony/third_party_ffmpeg/pulls/71
3.0.xhttps://gitee.com/openharmony/third_party_ffmpeg/pulls/72
1.1.xhttps://gitee.com/openharmony/device_hisilicon_third_party_ffmpeg/pulls/18

CVE-2022-4662

中

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.5-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/608
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/609

CVE-2022-3890

严重

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.5-Release

3.1.xhttps://gitee.com/openharmony/web_webview/pulls/546

CVE-2022-20568

高

OpenHarmony-v3.1-Release到OpenHarmony-v3.1.5-Release
OpenHarmony-v3.0-LTS到OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/629
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/630

Security Vulnerabilities in Feburary 2023

published Feburary 7,2023
updated Feburary 7,2023
Vulnerability ID

related Vulnerability

Vulnerability Description

Vulnerability Impact

CVSS3.1 Base Score

affected versions

affected projects

fix link

reference

OpenHarmony-SA-2023-0201

CVE-2023-0083

The ArkUI framework subsystem doesn't check the input parameter,causing type confusion and invalid memory access.

Local attackers can exploit this vulnerability to send malicious data, causing the current application to crash.

4.0

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.5-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS

arkui_ace_engine

3.1.xhttps://gitee.com/openharmony/arkui_ace_engine/pulls/8872
3.0.xhttps://gitee.com/openharmony/arkui_ace_engine/pulls/8877

Reported by researchers

OpenHarmony-SA-2023-0202

CVE-2023-22301

The kernel subsystem hmdfs has a arbitrary memory accessing vulnerability.

Network attackers can launch a remote attack to obtain kernel memory data of the target system.

6.5

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.5-Release

kernel_linux_5.10

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/656

Reported by researchers

OpenHarmony-SA-2023-0203

CVE-2023-22436

The kernel subsystem function check_permission_for_set_tokenid has an UAF vulnerability.

Local attackers can exploit this vulnerability to escalate the privilege to root.

7.8

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.5-Release

kernel_linux_5.10

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/598

Reported by researchers

The following table lists the third-party library vulnerabilities with only the CVE, severity, and affected OpenHarmony versions provided. For more details, see the security bulletins released by third-parties.
CVE

severity

affected OpenHarmony versions

fix link

CVE-2022-2347

High

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/third_party_u-boot/pulls/62
3.0.xhttps://gitee.com/openharmony/third_party_u-boot/pulls/63

CVE-2022-4135

Critical

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.5-Release

3.1.xhttps://gitee.com/openharmony/web_webview/pulls/546

CVE-2022-4186

Medium

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.5-Release

3.1.xhttps://gitee.com/openharmony/web_webview/pulls/546

CVE-2022-4438

High

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.5-Release

3.1.xhttps://gitee.com/openharmony/web_webview/pulls/546

CVE-2022-4437

High

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.5-Release

3.1.xhttps://gitee.com/openharmony/web_webview/pulls/546

CVE-2022-4436

High

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.5-Release

3.1.xhttps://gitee.com/openharmony/web_webview/pulls/546

CVE-2022-41218

Medium

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/646
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/647

CVE-2022-3424

High

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.5-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/646
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/647

CVE-2022-4129

Medium

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/586
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/587

CVE-2022-42328

Medium

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.5-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/646
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/647

CVE-2022-3643

Critical

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.5-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/646
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/647

CVE-2022-3105

Medium

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/579
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/580

CVE-2022-3104

Medium

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/579
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/580

CVE-2022-3115

Medium

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/579
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/580

CVE-2022-3113

Medium

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/579
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/580

CVE-2022-3112

Medium

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/579
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/580

CVE-2022-3111

Medium

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/584
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/585

CVE-2022-3108

Medium

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/586
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/587

CVE-2022-3107

Medium

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/590
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/591

CVE-2022-3106

Medium

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/592
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/593

CVE-2022-47519

Medium

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/586
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/587

CVE-2022-43551

Medium

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.5-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS
OpenHarmony-v1.1.0-Release through OpenHarmony-v1.1.5-LTS

3.1.xhttps://gitee.com/openharmony/third_party_curl/pulls/99
3.0.xhttps://gitee.com/openharmony/third_party_curl/pulls/100
1.1.xhttps://gitee.com/openharmony/third_party_curl/pulls/101

CVE-2022-43552

Medium

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.5-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS
OpenHarmony-v1.1.0-Release through OpenHarmony-v1.1.5-LTS

3.1.xhttps://gitee.com/openharmony/third_party_curl/pulls/99
3.0.xhttps://gitee.com/openharmony/third_party_curl/pulls/100
1.1.xhttps://gitee.com/openharmony/third_party_curl/pulls/101

CVE-2022-47518

Medium

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/586
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/587

CVE-2022-47520

Low

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/586
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/587

CVE-2022-47521

Medium

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.4-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/586
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/587

CVE-2022-3109

High

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.5-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS
OpenHarmony-v1.1.0-Release through OpenHarmony-v1.1.5-LTS

3.1.xhttps://gitee.com/openharmony/third_party_ffmpeg/pulls/71
3.0.xhttps://gitee.com/openharmony/third_party_ffmpeg/pulls/72
1.1.xhttps://gitee.com/openharmony/device_hisilicon_third_party_ffmpeg/pulls/18

CVE-2022-4662

Medium

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.5-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/608
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/609

CVE-2022-3890

Critical

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.5-Release

3.1.xhttps://gitee.com/openharmony/web_webview/pulls/546

CVE-2022-20568

High

OpenHarmony-v3.1-Release through OpenHarmony-v3.1.5-Release
OpenHarmony-v3.0-LTS through OpenHarmony-v3.0.7-LTS

3.1.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/629
3.0.xhttps://gitee.com/openharmony/kernel_linux_5.10/pulls/630

[Security-bulletin] OpenHarmony 2023年02月安全公告 Security Vulnerabilities in Feburary 2023

Liuxu (louis)