CVE-2023-4753

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-4753
OpenHarmony v3.2.1 and prior version has a system call function usage error. Local attackers can crash kernel by the error input.

3.9 /10

CVSS v3 : LOW

V3 Legend

Vector :

Exploitability : 1.3 / Impact : 2.5

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact LOW

Scope UNCHANGED

References
Link Resource
https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2023/2023-11.md Broken Link
https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2023/2023-11.md Broken Link
Configurations

Configuration 1 (hide)

cpe:2.3:o:openatom:openharmony:*:*:*:*:-:*:*:*
History

21 Nov 2024, 08:35

Type Values Removed Values Added
References () https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2023/2023-11.md - Broken Link () https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2023/2023-11.md - Broken Link
CVSS v2 : unknown
v3 : 5.5 		v2 : unknown
v3 : 3.9

09 Sep 2024, 12:21

Type Values Removed Values Added
First Time Openatom
Openatom openharmony
CPE cpe:2.3:a:openharmony:openharmony:*:*:*:*:-:*:*:* cpe:2.3:o:openatom:openharmony:*:*:*:*:-:*:*:*

26 Oct 2023, 08:15

Type Values Removed Values Added
Summary OpenHarmony v3.2.1 and prior version has a liteos-a kernel may crash caused by mqueue undetected entries vulnerability. Local attackers can crash liteos-a kernel by the error input  OpenHarmony v3.2.1 and prior version has a system call function usage error. Local attackers can crash kernel by the error input.

22 Sep 2023, 13:50

Type Values Removed Values Added
First Time Openharmony
Openharmony openharmony
References (MISC) https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2023/2023-11.md - (MISC) https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2023/2023-11.md - Broken Link
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 5.5
CPE cpe:2.3:a:openharmony:openharmony:*:*:*:*:-:*:*:*
CWE NVD-CWE-noinfo

21 Sep 2023, 10:15

Type Values Removed Values Added
New CVE
Information

Published : 2023-09-21 10:15

Updated : 2024-11-21 08:35

NVD link : CVE-2023-4753

Mitre link : CVE-2023-4753

CVE.ORG link : CVE-2023-4753

JSON object : View

Products Affected

openatom

  • openharmony
CWE
CWE-20

Improper Input Validation

NVD-CWE-noinfo