CVE-2023-22301: The kernel subsystem hmdfs has a arbitrary memory accessing vulnerability.
First published: Fri Mar 10 2023(Updated: )
The kernel subsystem hmdfs within OpenHarmony-v3.1.5 and prior versions has an arbitrary memory accessing vulnerability which network attackers can launch a remote attack to obtain kernel memory data of the target system.
Credit: scy@openharmony.io scy@openharmony.io
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Openharmony Openharmony | >=3.1<=3.1.5 | |
| Openatom Openharmony | >=3.1<=3.1.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2023-22301.
What is the severity rating of CVE-2023-22301?
CVE-2023-22301 has a severity rating of 7.5 (High).
What is the affected software version of CVE-2023-22301?
The affected software version of CVE-2023-22301 is OpenHarmony-v3.1.5 and prior versions.
What is the CWE (Common Weakness Enumeration) ID for this vulnerability?
The CWE ID for this vulnerability is CWE-20.
How can an attacker exploit CVE-2023-22301?
An attacker can exploit CVE-2023-22301 by launching a remote attack to obtain kernel memory data of the target system.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/last-modified-date
- agent/severity
- agent/references
- agent/weakness
- agent/author
- agent/first-publish-date
- agent/event
- agent/description
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/openharmony
- canonical/openharmony openharmony
- version/openharmony openharmony/3.1
- version/openharmony openharmony/3.1.5
- vendor/openatom
- canonical/openatom openharmony
- version/openatom openharmony/3.1
- version/openatom openharmony/3.1.5