ByteOS Network

NVD Vulnerability Details :

CVE-2021-40015

Analyzed

Source-psirt@huawei.com

Published At-09 Feb, 2022 | 23:15

Updated At-16 Feb, 2022 | 02:19

There is a race condition vulnerability in the binder driver subsystem in the kernel.Successful exploitation of this vulnerability may affect kernel stability.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.1	4.7	MEDIUM	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Primary	2.0	1.9	LOW	AV:L/AC:M/Au:N/C:N/I:N/A:P

CPE Matches

Huawei Technologies Co., Ltd.

>>emui>>10.0.0

cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*

Huawei Technologies Co., Ltd.

>>emui>>10.1.0

cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*

Huawei Technologies Co., Ltd.

>>emui>>10.1.1

cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*

Huawei Technologies Co., Ltd.

>>emui>>11.0.0

cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*

Huawei Technologies Co., Ltd.

>>emui>>12.0.0

cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*

Huawei Technologies Co., Ltd.

>>harmonyos>>Versions before 2.0(exclusive)

cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:*

Huawei Technologies Co., Ltd.

>>magic_ui>>3.0.0

cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*

Huawei Technologies Co., Ltd.

>>magic_ui>>3.1.0

cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*

Huawei Technologies Co., Ltd.

>>magic_ui>>3.1.1

cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*

Huawei Technologies Co., Ltd.

>>magic_ui>>4.0.0

cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-362	Primary	nvd@nist.gov

References

Hyperlink	Source	Resource
https://consumer.huawei.com/en/support/bulletin/2022/2/	psirt@huawei.com	Vendor Advisory
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202202-0000001204253396	psirt@huawei.com	Vendor Advisory

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History