Kernel subsystem within OpenHarmony-v3.1.4 and prior versions in kernel_liteos_a has a kernel stack overflow vulnerability when call SysClockGetres. 4 bytes padding data from kernel stack are copied to user space incorrectly and leaked.
History

Mon, 09 Sep 2024 12:45:00 +0000

Type Values Removed Values Added
First Time appeared Openatom
Openatom openharmony
CPEs cpe:2.3:a:openharmony:openharmony:*:*:*:*:lts:*:*:* cpe:2.3:o:openatom:openharmony:*:*:*:*:lts:*:*:*
Vendors & Products Openatom
Openatom openharmony

cve-icon MITRE

Status: PUBLISHED

Assigner: OpenHarmony

Published: 2022-12-08T00:00:00

Updated: 2024-08-03T12:56:38.164Z

Reserved: 2022-11-24T00:00:00

Link: CVE-2022-41802

cve-icon Vulnrichment

Updated: 2024-08-03T12:56:38.164Z

cve-icon NVD

Status : Analyzed

Published: 2022-12-08T16:15:13.357

Modified: 2024-09-09T12:21:53.383

Link: CVE-2022-41802

cve-icon Redhat

No data.