CVE-2025-53171Stack-based Buffer Overflow in Huawei Harmonyos

CWE-121Stack-based Buffer OverflowCWE-416Use After Free4 documents4 sources
Severity
3.3LOWNVD
CNA4.0
EPSS
0.0%
top 96.34%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Huawei Harmonyos
Timeline
PublishedJul 7

Description

Stack overflow risk when vector images are parsed during file preview Impact: Successful exploitation of this vulnerability may affect the file preview function.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:LExploitability: 1.8 | Impact: 1.4

Affected Packages2 packages

CVEListV5huawei/harmonyos5.0.1, 5.1.0+1
NVDhuawei/harmonyos5.0.1, 5.1.0+1

🔴Vulnerability Details

2
GHSA
GHSA-7435-frq8-cc7v: Stack overflow risk when vector images are parsed during file preview Impact: Successful exploitation of this vulnerability may affect the file previe2025-07-07
CVEList
CVE-2025-53171: Stack overflow risk when vector images are parsed during file preview Impact: Successful exploitation of this vulnerability may affect the file previe2025-07-07

📋Vendor Advisories

1
Microsoft
ubifs: authentication: Fix use-after-free in ubifs_tnc_end_commit2024-12-10
CVE-2025-53171 — Stack-based Buffer Overflow in Huawei | cvebase