CVE-2022-48357Allocation of Resources Without Limits or Throttling in Huawei Emui

CWE-770Allocation of Resources Without Limits or Throttling3 documents3 sources
Severity
7.5HIGHNVD
EPSS
0.2%
top 59.02%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Huawei EmuiHuawei Harmonyos
Timeline
PublishedMar 27
Latest updateMar 28

Description

Some products have the double fetch vulnerability. Successful exploitation of this vulnerability may cause denial of service (DoS) attacks to the kernel.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages4 packages

CVEListV5huawei/emui4 versions+3
NVDhuawei/emui4 versions+3
CVEListV5huawei/harmonyos2.0.0, 2.0.1, 3.0.0+2
NVDhuawei/harmonyos2.0, 2.0.1, 3.0.0+2

🔴Vulnerability Details

2
GHSA
GHSA-998w-8vh9-h5jv: Some products have the double fetch vulnerability2023-03-28
CVEList
CVE-2022-48357: Some products have the double fetch vulnerability2023-03-27
CVE-2022-48357 — Huawei Emui vulnerability | cvebase