| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The th_read() function doesn’t free a variable t->th_buf.gnu_longname after allocating memory, which may cause a memory leak. |
| The th_read() function doesn’t free a variable t->th_buf.gnu_longlink after allocating memory, which may cause a memory leak. |
| An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longname, causing an out-of-bounds read. |
| An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longlink, causing an out-of-bounds read. |
| in OpenHarmony v4.1.2 and prior versions allow a local attacker cause DOS through use after free. |
| in OpenHarmony v4.1.2 and prior versions allow a local attacker cause the device is unable to boot up through out-of-bounds write. |
| in OpenHarmony v4.1.2 and prior versions allow a local attacker cause information leak through out-of-bounds Read. |
| in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds write. |
| in OpenHarmony v5.0.2 and prior versions allow a local attacker case DOS through missing release of memory. |
| in OpenHarmony v5.0.2 and prior versions allow a local attacker case DOS through missing release of memory. |
| in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through integer overflow. |
| in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. |
| in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. |
| in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. |
| in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through use after free. |
| in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through missing release of memory. |
| in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through missing release of memory. |
| in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through improper input. |
| in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through race condition. |
| in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference. |
