in OpenHarmony v4.0.0 and prior versions
allow an adjacent attacker arbitrary code execution in any apps through use after free.
References
Link | Resource |
---|---|
https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-02.md | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
07 Feb 2024, 18:23
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:openharmony:openharmony:*:*:*:*:-:*:*:* cpe:2.3:a:openharmony:openharmony:4.0:*:*:*:-:*:*:* |
|
References | () https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-02.md - Third Party Advisory | |
First Time |
Openharmony
Openharmony openharmony |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
02 Feb 2024, 13:36
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
02 Feb 2024, 07:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-02-02 07:15
Updated : 2024-02-07 18:23
NVD link : CVE-2024-21860
Mitre link : CVE-2024-21860
CVE.ORG link : CVE-2024-21860
JSON object : View
Products Affected
openharmony
- openharmony
CWE
CWE-416
Use After Free