Out-of-Bounds Array Read/Write Vulnerability in Huawei Kernel Module
CVE-2025-46585

7HIGH

Key Information:

Vendor: Huawei
Status: Harmonyos
Vendor: CVE Published:; 6 May 2025

What is CVE-2025-46585?

The vulnerability in Huawei's kernel module arises from an out-of-bounds array read/write condition, potentially compromising system functionality and availability. Successful exploitation may allow an attacker to manipulate memory and adversely affect the performance or stability of affected systems.

Affected Version(s)

HarmonyOS 5.0.0

References

https://consumer.huawei.com/en/support/bulletin/2025/5/

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 6, 2025
Vulnerability Reserved
Apr 25, 2025