← Back

CVE-2021-22425

nvd nist
Published: Aug 3, 2021Modified: Nov 21, 2024

JSON object

Loading...
7.8
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD

Description

A component of the HarmonyOS has a Double Free vulnerability. Local attackers may exploit this vulnerability to cause Root Elevating Privileges.

Affected (1)

Products: Huawei: Harmonyos
Huawei
1 product
Harmonyos
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Harmonyos
All versions

Related CWEs

CWE-415
Double Free
The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.

References (2)

Source: psirt@huawei.com
Not ApplicableVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Not ApplicableVendor Advisory

Timeline

No history available yet.