Vulnerability Details CVE-2022-41802
Kernel subsystem within OpenHarmony-v3.1.4 and prior versions in kernel_liteos_a has a kernel stack overflow vulnerability when call SysClockGetres. 4 bytes padding data from kernel stack are copied to user space incorrectly and leaked.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 24.3%
CVSS Severity
CVSS v3 Score 4.0
Products affected by CVE-2022-41802
-
cpe:2.3:a:openharmony:openharmony:3.1
-
cpe:2.3:a:openharmony:openharmony:3.1.1
-
cpe:2.3:a:openharmony:openharmony:3.1.2
-
cpe:2.3:a:openharmony:openharmony:3.1.3
-
cpe:2.3:a:openharmony:openharmony:3.1.4
-
cpe:2.3:o:openatom:openharmony:1.1.0
-
cpe:2.3:o:openatom:openharmony:1.1.1
-
cpe:2.3:o:openatom:openharmony:1.1.2
-
cpe:2.3:o:openatom:openharmony:1.1.3
-
cpe:2.3:o:openatom:openharmony:1.1.4
-
cpe:2.3:o:openatom:openharmony:1.1.5
-
cpe:2.3:o:openatom:openharmony:3.0
-
cpe:2.3:o:openatom:openharmony:3.0.1
-
cpe:2.3:o:openatom:openharmony:3.0.2
-
cpe:2.3:o:openatom:openharmony:3.0.3
-
cpe:2.3:o:openatom:openharmony:3.0.5
-
cpe:2.3:o:openatom:openharmony:3.0.6