CVE-2023-4753

CVSS v3.1

3.9

Vector

AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L

Name of the Vulnerable Software and Affected Versions OpenHarmony versions 3.2.1 and prior

Description The issue is related to a system call function usage error and an mqueue undetected entries vulnerability in the liteos-a kernel. Local attackers can crash the kernel by providing error input.

Recommendations For OpenHarmony versions 3.2.1 and prior, consider restricting access to system call functions and the liteos-a kernel to minimize the risk of exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2023-4753

MGASA-2023-0269

Affected Products

Openharmony

Liteos-A

CVE-2023-4753

Weakness Enumeration

Related Identifiers

Affected Products

References · 10