| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The th_read() function doesn’t free a variable t->th_buf.gnu_longname after allocating memory, which may cause a memory leak. |
| The th_read() function doesn’t free a variable t->th_buf.gnu_longlink after allocating memory, which may cause a memory leak. |
| An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longname, causing an out-of-bounds read. |
| An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longlink, causing an out-of-bounds read. |
| in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through use after free. |
| in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through missing release of memory. |
| in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through missing release of memory. |
| in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through improper input. |
| in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through race condition. |
| in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference. |
| in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through use after free. |
| in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through type confusion. |
| in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through missing release of memory. |
| in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through race condition. |
|
in OpenHarmony v3.2.2 and prior versions allow a local attacker cause multimedia audio crash through modify a released pointer. |
|
in OpenHarmony v3.2.2 and prior versions allow a local attacker cause multimedia player crash through modify a released pointer. |
| in OpenHarmony v5.0.3 and prior versions allow a local attacker cause apps crash through type confusion. |
| in OpenHarmony v5.0.3 and prior versions allow a local attacker cause apps crash through type confusion. |
| in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through out-of-bounds read. |
| in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through race condition. |
