Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Kernel subsystem in kernel_liteos_a has a kernel stack overflow vulnerability when call SysClockGettime.
Vulnerability Description
Kernel subsystem within OpenHarmony-v3.1.4 and prior versions in kernel_liteos_a has a kernel stack overflow vulnerability when call SysClockGettime. 4 bytes padding data from kernel stack are copied to user space incorrectly and leaked.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Vulnerability Type
未进行输入大小检查的缓冲区拷贝(传统缓冲区溢出)
Vulnerability Title
OpenHarmony 缓冲区错误漏洞
Vulnerability Description
OpenHarmony是中国开放原子开源基金会(OpenAtom Foundation)基金会的一种鸿蒙操作系统的开源项目。 OpenHarmony-v3.1.4版本及之前版本存在安全漏洞,该漏洞源于内核子系统在调用SysClockGettime时存在内核堆栈溢出漏洞。
CVSS Information
N/A
Vulnerability Type
N/A