CVE-2022-41686 Out-of-bound memory read and write in /dev/mmz_userdev device driver. The impact depends on the privileges of the attacker. The unprivileged process run on the device could read out-of-bound memory leading sensitive to information disclosure. The proc ...

🗓️ 14 Oct 2022 14:40:04Reported by OpenHarmonyType

CVE-2022-41686 Out-of-bound memory read and write in /dev/mmz_userdev device driver, affecting OpenHarmony-v3.1.2 and prior version

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2022-41686	14 Oct 202218:29	–	circl
CNNVD	OpenHarmony 缓冲区错误漏洞	14 Oct 202200:00	–	cnnvd
CVE	CVE-2022-41686	14 Oct 202214:40	–	cve
EUVD	EUVD-2022-44871	3 Oct 202520:07	–	euvd
NVD	CVE-2022-41686	14 Oct 202215:16	–	nvd
OSV	CVE-2022-41686	14 Oct 202215:16	–	osv
Prion	Memory corruption	14 Oct 202215:16	–	prion
Positive Technologies	PT-2022-26025 · Unknown · Openharmony	14 Oct 202200:00	–	ptsecurity
Vulnrichment	CVE-2022-41686 Out-of-bound memory read and write in /dev/mmz_userdev device driver. The impact depends on the privileges of the attacker. The unprivileged process run on the device could read out-of-bound memory leading sensitive to information disclosure. The proc ...	14 Oct 202214:40	–	vulnrichment

[
  {
    "vendor": "OpenHarmony",
    "product": "OpenHarmony",
    "versions": [
      {
        "version": "OpenHarmony-v3.1.x-Release",
        "status": "affected",
        "lessThanOrEqual": "3.1.2",
        "versionType": "custom"
      },
      {
        "version": "OpenHarmony-v3.0.x-LTS",
        "status": "affected",
        "lessThanOrEqual": "3.0.6",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
gitee	www.gitee.com/openharmony/security/blob/master/en/security-disclosure/2022/2022-10.md

14 Oct 2022 00:00Current

5.2Medium risk

Vulners AI Score5.2

CVSS 3.15.1

EPSS0.00062

CWE-787