High severity7.8NVD Advisory· Published Mar 10, 2023· Updated Jun 17, 2026
CVE-2023-22436
CVE-2023-22436
Description
The kernel subsystem function check_permission_for_set_tokenid within OpenHarmony-v3.1.5 and prior versions has an
UAF vulnerability which local attackers can exploit this vulnerability to escalate the privilege to root.
Affected products
2<=3.1.5+ 1 more
- (no CPE)range: <=3.1.5
- (no CPE)range: 3.1
Patches
Vulnerability mechanics
References
1- gitee.com/openharmony/security/blob/master/en/security-disclosure/2023/2023-02.mdnvdThird Party Advisory
News mentions
0No linked articles in our index yet.