Memory Leak Vulnerability in MPTCP Module of Huawei Devices
CVE-2022-39005

7.5HIGH

Key Information:

Vendor: Huawei
Status: Harmonyos; Emui; Magic Ui
Vendor: CVE Published:; 16 September 2022

What is CVE-2022-39005?

The MPTCP module in Huawei devices is affected by a memory leak vulnerability that may allow an attacker to exploit the system resulting in significant memory consumption issues. If successfully launched, this threat can lead to degraded performance and system instability, impacting the overall user experience. Users are advised to stay informed and apply patches as soon as they become available to mitigate potential risks.

Affected Version(s)

EMUI 12.0.0

EMUI 11.0.1

EMUI 11.0.0

References

https://device.harmonyos.com/en/docs/security/update/secu...

x_refsource_MISC

https://consumer.huawei.com/en/support/bulletin/2022/9/

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 16, 2022
Vulnerability Reserved
Aug 29, 2022