CVE-2022-41686 - OpenCVE

OpenHarmony-v3.1.2 and prior versions, 3.0.6 and prior versions have an Out-of-bound memory read and write vulnerability in /dev/mmz_userdev device driver. The impact depends on the privileges of the attacker. The unprivileged process run on the device could read out-of-bound memory leading sensitive to information disclosure. The processes with system user UID run on the device would be able to write out-of-bound memory which could lead to unspecified memory corruption.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Openatom	Openharmony
Openharmony	Openharmony

Configuration 1 [-]

OR	cpe:2.3:a:openharmony:openharmony:::::long_term_support:::*
	cpe:2.3:o:openatom:openharmony:::::-:::*

No data.

References

Link	Providers
https://gitee.com/openharmony/security/blob/master/en/security-disclosure/2022/2022-10.md

History

Mon, 09 Sep 2024 12:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Openatom Openatom openharmony
CPEs	cpe:2.3:a:openharmony:openharmony:::::-:::*	cpe:2.3:o:openatom:openharmony:::::-:::*
Vendors & Products		Openatom Openatom openharmony

MITRE

Status: PUBLISHED

Assigner: OpenHarmony

Published: 2022-10-14T14:40:04.568847Z

Updated: 2024-09-17T03:03:30.412Z

Reserved: 2022-10-08T00:00:00

Link: CVE-2022-41686

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2022-10-14T15:16:20.347

Modified: 2024-09-09T12:21:53.383

Link: CVE-2022-41686

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-41686", "assignerOrgId": "0cf5dd6e-1214-4398-a481-30441e48fafd", "assignerShortName": "OpenHarmony", "datePublished": "2022-10-14T14:40:04.568847Z", "dateUpdated": "2024-09-17T03:03:30.412Z", "dateReserved": "2022-10-08T00:00:00"}, "containers": {"cna": {"title": "Out-of-bound memory read and write in /dev/mmz_userdev device driver. The impact depends on the privileges of the attacker. The unprivileged process run on the device could read out-of-bound memory leading sensitive to information disclosure. The proc ...", "datePublic": "2022-10-11T00:00:00", "providerMetadata": {"orgId": "0cf5dd6e-1214-4398-a481-30441e48fafd", "shortName": "OpenHarmony", "dateUpdated": "2022-10-14T00:00:00"}, "descriptions": [{"lang": "en", "value": "OpenHarmony-v3.1.2 and prior versions, 3.0.6 and prior versions have an Out-of-bound memory read and write vulnerability in /dev/mmz_userdev device driver. The impact depends on the privileges of the attacker. The unprivileged process run on the device could read out-of-bound memory leading sensitive to information disclosure. The processes with system user UID run on the device would be able to write out-of-bound memory which could lead to unspecified memory corruption."}], "affected": [{"vendor": "OpenHarmony", "product": "OpenHarmony", "versions": [{"version": "OpenHarmony-v3.1.x-Release", "status": "affected", "lessThanOrEqual": "3.1.2", "versionType": "custom"}, {"version": "OpenHarmony-v3.0.x-LTS", "status": "affected", "lessThanOrEqual": "3.0.6", "versionType": "custom"}]}], "references": [{"url": "https://gitee.com/openharmony/security/blob/master/en/security-disclosure/2022/2022-10.md"}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE", "baseScore": 5.1, "baseSeverity": "MEDIUM"}}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-787 Out-of-bounds Write", "cweId": "CWE-787"}]}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "source": {"discovery": "UNKNOWN"}, "x_ConverterErrors": {"TITLE": {"error": "TITLE too long. Truncating in v5 record.", "message": "Truncated!"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T12:49:43.526Z"}, "title": "CVE Program Container", "references": [{"url": "https://gitee.com/openharmony/security/blob/master/en/security-disclosure/2022/2022-10.md", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:openharmony:openharmony:*:*:*:*:long_term_support:*:*:*", "matchCriteriaId": "9883900A-457C-4533-B08F-A34DB70346DA", "versionEndIncluding": "3.0.6", "versionStartIncluding": "3.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:openatom:openharmony:*:*:*:*:-:*:*:*", "matchCriteriaId": "1851DC7A-A8D5-46D9-BC51-ED8152B8F345", "versionEndIncluding": "3.1.2", "versionStartIncluding": "3.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "OpenHarmony-v3.1.2 and prior versions, 3.0.6 and prior versions have an Out-of-bound memory read and write vulnerability in /dev/mmz_userdev device driver. The impact depends on the privileges of the attacker. The unprivileged process run on the device could read out-of-bound memory leading sensitive to information disclosure. The processes with system user UID run on the device would be able to write out-of-bound memory which could lead to unspecified memory corruption."}, {"lang": "es", "value": "OpenHarmony versiones v3.1.2 y versiones anteriores, 3.0.6 y versiones anteriores, presentan una vulnerabilidad de lectura y escritura de memoria fuera de l\u00edmites en el controlador de dispositivo /dev/mmz_userdev. El impacto depende de los privilegios del atacante. El proceso no privilegiado que es ejecutado en el dispositivo podr\u00eda leer memoria fuera de l\u00edmites, conllevando a una revelaci\u00f3n de informaci\u00f3n confidencial. Los procesos con UID de usuario del sistema que es ejecutadon en el dispositivo podr\u00edan escribir memoria fuera de l\u00edmites, lo que podr\u00eda conllevar a una corrupci\u00f3n de memoria no especificada"}], "id": "CVE-2022-41686", "lastModified": "2024-09-09T12:21:53.383", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 2.5, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 2.5, "source": "scy@openharmony.io", "type": "Secondary"}]}, "published": "2022-10-14T15:16:20.347", "references": [{"source": "scy@openharmony.io", "tags": ["Third Party Advisory"], "url": "https://gitee.com/openharmony/security/blob/master/en/security-disclosure/2022/2022-10.md"}], "sourceIdentifier": "scy@openharmony.io", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}, {"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-787"}], "source": "scy@openharmony.io", "type": "Secondary"}]}