CVE-2024-39672Use After Free in Huawei Emui

CWE-416Use After Free3 documents3 sources
Severity
7.1HIGHNVD
CNA8.4
EPSS
0.1%
top 75.31%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Huawei EmuiHuawei Harmonyos
Timeline
PublishedJul 25

Description

Memory request logic vulnerability in the memory module. Impact: Successful exploitation of this vulnerability will affect integrity and availability.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:HExploitability: 1.8 | Impact: 5.2

Affected Packages4 packages

CVEListV5huawei/emui14.0.0
NVDhuawei/emui14.0.0
CVEListV5huawei/harmonyos4.0.0, 4.2.0+1
NVDhuawei/harmonyos4.0.0, 4.2.0+1

🔴Vulnerability Details

2
CVEList
CVE-2024-39672: Memory request logic vulnerability in the memory module2024-07-25
GHSA
GHSA-5p3h-jv56-rj58: Memory request logic vulnerability in the memory module2024-07-25
CVE-2024-39672 — Use After Free in Huawei Emui | cvebase