Impact
A race condition in OpenHarmony kernel modules allows a local attacker to trigger a denial‑of‑service condition by causing the system to crash. The vulnerability is a classic synchronization flaw (CWE‑364) that can be exploited when concurrent operations access shared kernel data without proper locking, leading to an inconsistent state and eventual kernel panic.
Affected Systems
The affected product is OpenHarmony, maintained by the OpenHarmony community. Versions 6.0 and all earlier releases are vulnerable; a local attacker controlling the device may exploit the race condition. No specific patches are identified in the supplied data, so users should check the latest release channel for a fix.
Risk and Exploitability
The CVSS score of 3.3 indicates low severity. The EPSS score is not available, suggesting an uncertain but likely low probability of exploitation. The vulnerability requires local access and is not listed in the CISA KEV catalog, so there is no risk from remote attackers. Nevertheless, repeated local failures can disrupt device functionality, which may prompt attackers to use the denial of service to further compromise the device.