Vulnerabilities > Openatom

DATE CVE VULNERABILITY TITLE RISK
2022-09-09 CVE-2022-36423 Out-of-bounds Write vulnerability in multiple products
OpenHarmony-v3.1.2 and prior versions have an incorrect configuration of the cJSON library, which leads a Stack overflow vulnerability during recursive parsing.
low complexity
openharmony openatom CWE-787
7.4
7.4
2022-09-09 CVE-2022-38701 Out-of-bounds Write vulnerability in multiple products
OpenHarmony-v3.1.2 and prior versions have a heap overflow vulnerability.
local
low complexity
openharmony openatom CWE-787
3.3
3.3
2022-08-10 CVE-2021-33643 Out-of-bounds Read vulnerability in multiple products
An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longlink, causing an out-of-bounds read.
network
low complexity
feep openatom fedoraproject CWE-125
critical
 9.1
9.1
2022-08-10 CVE-2021-33644 Out-of-bounds Read vulnerability in multiple products
An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longname, causing an out-of-bounds read.
network
low complexity
feep openatom fedoraproject CWE-125
8.1
8.1
2022-08-10 CVE-2021-33645 Memory Leak vulnerability in multiple products
The th_read() function doesn’t free a variable t->th_buf.gnu_longlink after allocating memory, which may cause a memory leak.
network
low complexity
feep openatom fedoraproject CWE-401
7.5
7.5
2022-08-10 CVE-2021-33646 Memory Leak vulnerability in multiple products
The th_read() function doesn’t free a variable t->th_buf.gnu_longname after allocating memory, which may cause a memory leak.
network
low complexity
feep openatom fedoraproject CWE-401
7.5
7.5
2022-07-18 CVE-2021-33656 Out-of-bounds Write vulnerability in multiple products
When setting font with malicous data by ioctl cmd PIO_FONT,kernel will write memory out of bounds.
low complexity
openatom linux debian CWE-787
6.8
6.8