CVE-2024-47137

in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through out-of-bounds write.
Configurations

Configuration 1 (hide)

cpe:2.3:o:openatom:openharmony:*:*:*:*:-:*:*:*

History

06 Nov 2024, 15:26

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 8.4
v2 : unknown
v3 : 7.8
CPE cpe:2.3:o:openatom:openharmony:*:*:*:*:-:*:*:*
References () https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-11.md - () https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-11.md - Vendor Advisory
First Time Openatom
Openatom openharmony
Summary
  • (es) en OpenHarmony v4.1.0 y versiones anteriores, se permite que un atacante local haga que el permiso común se actualice a root y se filtre información confidencial mediante escritura fuera de los límites.

05 Nov 2024, 08:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-11-05 08:15

Updated : 2024-11-06 15:26


NVD link : CVE-2024-47137

Mitre link : CVE-2024-47137

CVE.ORG link : CVE-2024-47137


JSON object : View

Products Affected

openatom

  • openharmony
CWE
CWE-787

Out-of-bounds Write