How severe is CVE-2022-48297?

CVE-2022-48297 has a CVSS v3 score of 7.5 (HIGH).

CVE-2022-48297

Name: harmonyos
Author: huawei

7.5HIGH

The geofencing kernel code has a vulnerability of not verifying the length of the input data. Successful exploitation of this vulnerability may cause out-of-bounds memory access.

Published: 2/9/2023Updated: 3/25/2025

Description

The geofencing kernel code has a vulnerability of not verifying the length of the input data. Successful exploitation of this vulnerability may cause out-of-bounds memory access.

AI AnalysisPowered by AI

Affected Products

huaweiemui

12.0.1

huaweiharmonyos

2.0

huaweiharmonyos

3.0.0

References

https://consumer.huawei.com/en/support/bulletin/2023/2/
Vendor Advisory
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202302-0000001454769474
PatchVendor Advisory
https://consumer.huawei.com/en/support/bulletin/2023/2/
Vendor Advisory
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202302-0000001454769474
PatchVendor Advisory