Memory Leak Vulnerability in MPTCP Module of Huawei Products
CVE-2022-39004

7.5HIGH

Key Information:

Vendor
Huawei
Status
Harmonyos
Emui
Magic Ui
Vendor
CVE Published:
16 September 2022

Summary

The MPTCP module in Huawei's software has been identified to have a memory leak vulnerability. Exploitation of this flaw may allow unauthorized access to memory resources, potentially leading to performance degradation and stability issues in affected devices. Users are advised to apply the necessary security updates to mitigate risks associated with this vulnerability.

Affected Version(s)

EMUI 12.0.0

EMUI 11.0.1

EMUI 11.0.0

References

https://device.harmonyos.com/en/docs/security/update/secu...
x_refsource_MISC
https://consumer.huawei.com/en/support/bulletin/2022/9/
x_refsource_MISC

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.