in OpenHarmony v4.0.0 and prior versions
allow an adjacent attacker arbitrary code execution in any apps through use after free.
References
| Link | Resource |
|---|---|
| https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-02.md | Third Party Advisory |
| https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-02.md | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 08:55
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.2 |
| References | () https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-02.md - Third Party Advisory |
09 Sep 2024, 12:21
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:a:openharmony:openharmony:*:*:*:*:-:*:*:* |
cpe:2.3:o:openatom:openharmony:*:*:*:*:-:*:*:* cpe:2.3:o:openatom:openharmony:4.0:*:*:*:-:*:*:* |
| First Time |
Openatom
Openatom openharmony |
07 Feb 2024, 18:23
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Openharmony openharmony
Openharmony |
|
| CPE | cpe:2.3:a:openharmony:openharmony:4.0:*:*:*:-:*:*:* cpe:2.3:a:openharmony:openharmony:*:*:*:*:-:*:*:* |
|
| CWE | CWE-416 | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
| References | () https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-02.md - Third Party Advisory |
02 Feb 2024, 07:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-02-02 07:15
Updated : 2024-11-21 08:55
NVD link : CVE-2024-21860
Mitre link : CVE-2024-21860
CVE.ORG link : CVE-2024-21860
JSON object : View
Products Affected
openatom
- openharmony
CWE
CWE-416
Use After Free