CVE-2023-4753

OpenHarmony v3.2.1 and prior version has a system call function usage error. Local attackers can crash kernel by the error input.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2023/2023-11.md	Broken Link

Configurations

Configuration 1 (hide)

cpe:2.3:a:openharmony:openharmony:*:*:*:*:-:*:*:*

History

26 Oct 2023, 08:15

Type	Values Removed	Values Added
Summary	~~OpenHarmony v3.2.1 and prior version has a liteos-a kernel may crash caused by mqueue undetected entries vulnerability. Local attackers can crash liteos-a kernel by the error input~~	OpenHarmony v3.2.1 and prior version has a system call function usage error. Local attackers can crash kernel by the error input.

22 Sep 2023, 13:50

Type	Values Removed	Values Added
CWE		NVD-CWE-noinfo
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
First Time		Openharmony Openharmony openharmony
CPE		cpe:2.3:a:openharmony:openharmony:::::-:::*
References	~~(MISC) https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2023/2023-11.md -~~	(MISC) https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2023/2023-11.md - Broken Link

21 Sep 2023, 10:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-09-21 10:15

Updated : 2024-01-12 20:46

NVD link : CVE-2023-4753

Mitre link : CVE-2023-4753

CVE.ORG link : CVE-2023-4753

JSON object : View

Products Affected

openharmony

openharmony

CWE

NVD-CWE-noinfo CWE-20

Improper Input Validation

5.5 /10