Double Free
CVE-2021-22425
Summary
A component of the HarmonyOS has a Double Free vulnerability. Local attackers may exploit this vulnerability to cause Root Elevating Privileges.
- LOW
- LOCAL
- HIGH
- UNCHANGED
- NONE
- LOW
- HIGH
- HIGH
CWE-415 - Double Free
The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.
References
Advisory Timeline
- Published