CVE-2022-45126 - OpenCVE

Kernel subsystem within OpenHarmony-v3.1.4 and prior versions in kernel_liteos_a has a kernel stack overflow vulnerability when call SysClockGettime. 4 bytes padding data from kernel stack are copied to user space incorrectly and leaked.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Openharmony	Openharmony

Configuration 1 [-]

OR	cpe:2.3:a:openharmony:openharmony:::::lts:::*
	cpe:2.3:a:openharmony:openharmony:::::lts:::*
	cpe:2.3:a:openharmony:openharmony::::::::

References

Link	Resource
https://gitee.com/openharmony/security/blob/master/en/security-disclosure/2022/2022-12.md	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: OpenHarmony

Published: 2023-01-09T02:22:23.465Z

Updated:

Reserved: 2022-11-24T11:48:41.242Z

Link: CVE-2022-45126

JSON object: View

NVD Information

Status : Analyzed

Published: 2023-01-09T03:15:09.427

Modified: 2023-01-12T21:10:36.103

Link: CVE-2022-45126

JSON object: View

Redhat Information

No data.

CWE

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2022-45126", "assignerOrgId": "0cf5dd6e-1214-4398-a481-30441e48fafd", "state": "PUBLISHED", "assignerShortName": "OpenHarmony", "dateReserved": "2022-11-24T11:48:41.242Z", "datePublished": "2023-01-09T02:22:23.465Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "OpenHarmony", "vendor": "OpenHarmony", "versions": [{"lessThanOrEqual": "3.1.4", "status": "affected", "version": "3.1.0", "versionType": "custom"}, {"lessThanOrEqual": "3.0.6", "status": "affected", "version": "3.0.0", "versionType": "custom"}, {"lessThanOrEqual": "1.1.5", "status": "affected", "version": "1.1.0", "versionType": "custom"}]}], "datePublic": "2023-01-03T00:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Kernel subsystem within OpenHarmony-v3.1.4 and prior versions in kernel_liteos_a has a kernel stack overflow vulnerability when call SysClockGettime. 4 bytes padding data from kernel stack are copied to user space incorrectly and leaked."}], "value": "Kernel subsystem within OpenHarmony-v3.1.4 and prior versions in kernel_liteos_a has a kernel stack overflow vulnerability when call SysClockGettime. 4 bytes padding data from kernel stack are copied to user space incorrectly and leaked."}], "impacts": [{"capecId": "CAPEC-131", "descriptions": [{"lang": "en", "value": "CAPEC-131 Resource Leak Exposure"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-120", "description": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "0cf5dd6e-1214-4398-a481-30441e48fafd", "shortName": "OpenHarmony", "dateUpdated": "2023-01-09T02:22:23.465Z"}, "references": [{"url": "https://gitee.com/openharmony/security/blob/master/en/security-disclosure/2022/2022-12.md"}], "source": {"discovery": "UNKNOWN"}, "title": "Kernel subsystem in kernel_liteos_a has a kernel stack overflow vulnerability when call SysClockGettime.", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:openharmony:openharmony:*:*:*:*:lts:*:*:*", "matchCriteriaId": "99040A1C-1B01-47C5-8B76-8316F0932974", "versionEndIncluding": "1.1.5", "versionStartIncluding": "1.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:openharmony:openharmony:*:*:*:*:lts:*:*:*", "matchCriteriaId": "B6191ACD-4550-4E57-B349-7D8300CF6DB0", "versionEndIncluding": "3.0.6", "versionStartIncluding": "3.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:openharmony:openharmony:*:*:*:*:*:*:*:*", "matchCriteriaId": "E808FE2D-D1CB-44EE-9AE4-4A456361B2AA", "versionEndIncluding": "3.1.4", "versionStartIncluding": "3.1.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Kernel subsystem within OpenHarmony-v3.1.4 and prior versions in kernel_liteos_a has a kernel stack overflow vulnerability when call SysClockGettime. 4 bytes padding data from kernel stack are copied to user space incorrectly and leaked."}, {"lang": "es", "value": "El subsistema del kernel dentro de OpenHarmony-v3.1.4 y versiones anteriores en kernel_liteos_a tiene una vulnerabilidad de desbordamiento de la pila del kernel cuando se llama a SysClockGettime. Los datos de relleno de 4 bytes de la pila del kernel se copian incorrectamente en el espacio del usuario y se filtran."}], "id": "CVE-2022-45126", "lastModified": "2023-01-12T21:10:36.103", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 4.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 1.4, "source": "scy@openharmony.io", "type": "Secondary"}]}, "published": "2023-01-09T03:15:09.427", "references": [{"source": "scy@openharmony.io", "tags": ["Third Party Advisory"], "url": "https://gitee.com/openharmony/security/blob/master/en/security-disclosure/2022/2022-12.md"}], "sourceIdentifier": "scy@openharmony.io", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-120"}], "source": "scy@openharmony.io", "type": "Secondary"}]}