CVE-2023-22436 - OpenCVE

The kernel subsystem function check_permission_for_set_tokenid within OpenHarmony-v3.1.5 and prior versions has an UAF vulnerability which local attackers can exploit this vulnerability to escalate the privilege to root.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Openharmony	Openharmony

Configuration 1 [-]

cpe:2.3:a:openharmony:openharmony:*:*:*:*:-:*:*:*

References

Link	Resource
https://gitee.com/openharmony/security/blob/master/en/security-disclosure/2023/2023-02.md	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: OpenHarmony

Published: 2023-03-10T10:44:55.029Z

Updated: 2023-03-10T10:44:55.029Z

Reserved: 2023-01-05T12:23:16.628Z

Link: CVE-2023-22436

JSON object: View

NVD Information

Status : Modified

Published: 2023-03-10T11:15:12.220

Modified: 2023-11-07T04:06:54.037

Link: CVE-2023-22436

JSON object: View

Redhat Information

No data.

CWE

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2023-22436", "assignerOrgId": "0cf5dd6e-1214-4398-a481-30441e48fafd", "state": "PUBLISHED", "assignerShortName": "OpenHarmony", "dateReserved": "2023-01-05T12:23:16.628Z", "datePublished": "2023-03-10T10:44:55.029Z", "dateUpdated": "2023-03-10T10:44:55.029Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "OpenHarmony", "vendor": "OpenHarmony", "versions": [{"lessThanOrEqual": "3.1.5", "status": "affected", "version": "3.1", "versionType": "custom"}]}], "datePublic": "2023-03-11T00:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "The kernel subsystem function check_permission_for_set_tokenid within OpenHarmony-v3.1.5 and prior versions has an \n\n<span style=\"background-color: rgb(255, 255, 255);\">UAF </span>vulnerability which local attackers can exploit this vulnerability to escalate the privilege to root.<br>"}], "value": "The kernel subsystem function check_permission_for_set_tokenid within OpenHarmony-v3.1.5 and prior versions\u00a0has an \n\nUAF\u00a0vulnerability which local attackers can exploit this vulnerability to escalate the privilege to root.\n"}], "impacts": [{"capecId": "CAPEC-92", "descriptions": [{"lang": "en", "value": "CAPEC-92 Forced Integer Overflow"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-190", "description": "CWE-190 Integer Overflow or Wraparound", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "0cf5dd6e-1214-4398-a481-30441e48fafd", "shortName": "OpenHarmony", "dateUpdated": "2023-03-10T10:44:55.029Z"}, "references": [{"url": "https://gitee.com/openharmony/security/blob/master/en/security-disclosure/2023/2023-02.md"}], "source": {"discovery": "UNKNOWN"}, "title": "The kernel subsystem function check_permission_for_set_tokenid has an UAF vulnerability.", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}}}