HarmonyOS

Check out Huawei HarmonyOS September 2022 security patch details

Published

on

We have started running on the track of September 2022, and so is Huawei. The company has published the freshly released Huawei HarmonyOS September 2022 security patch details so that users can understand the importance of regular updates.

Every technology carries some Pros and Cons, and Huawei knows about this fact very well. Hence, to keep its devices safe and secure, the company rolls out a maintenance patch every month for users. These patches tie up the voids that can give birth to several harmful threats and exploits in the system.

The same goes for the Huawei September 2022 HarmonyOS security patch. The respective improvement piece covers various issues in the framework, kernel, and system section, and provides immense stability and firmness to the internal mechanism.

Apart from these mini packets of benefits, the company has also started its work on the HarmonyOS 3.0 firmware. So far, Huawei has released the beta packages for several of its eligible devices. Yet, there is more to cover in this vast family of smart gadgets.

While the Chinese manufacturer is still working on the distribution management of the latest patch and interface, let’s learn about what fixes the September 2022 HarmonyOS security patch brings in its bag.

September 2022 HarmonyOS Security Details

Framework

September 2022 security patch from the framework section marks four vulnerabilities. One of them (CVE-2022-39008) is from a high level of severity. While the other three (CVE-2021-40024, CVE-2021-46836, CVE-2022-39000) are from a medium level of severity.

In other words, these vulnerabilities could allow malicious apps and programs to automatically start and affect the system. Besides, it could have an impact on the essential data and its confidentiality.

Kernel

The patch resolves 4 CVEs from the critical level of severity, 2 CVEs from the high levels, and 11 CVEs from the medium levels of severity. You can check these vulnerabilities in more detail, below.

  • Critical – CVE-2022-38990, CVE-2022-38993, CVE-2022-39006, CVE-2022-38987
  • High – CVE-2022-39004, CVE-2022-39005
  • Medium – CVE-2022-38988, CVE-2022-38989, CVE-2022-38978, CVE-2022-38979, CVE-2022-38991, CVE-2022-38992, CVE-2022-38994, CVE-2022-38995, CVE-2022-38996, CVE-2022-38997, CVE-2022-38999

System

The latest security patch fixes 2 critical, 2 high, and 2 medium levels of vulnerabilities in the system. These issues are regarding the location and permission modules of the device.

  • Critical – CVE-2021-40017, CVE-2021-40040
  • High – CVE-2022-39007, CVE-2022-39001
  • Medium – CVE-2022-39009, CVE-2022-39010

Applications

The September 2022 HarmonyOS patch includes 2 medium levels of CVEs in the application section. These bugs relate to the Nearby and network module of the device that could affect the system availability.

  • Medium – CVE-2021-40053, CVE-2022-37006

Third-Party Library

Huawei has fixed dozens of vulnerabilities in the third-party library section. There are a total of 37 different CVEs, divided into critical, high, and medium levels of severity.

  • Critical – CVE-2021-35090, CVE-2021-1942, CVE-2021-30341, CVE-2021-30342
  • High – CVE-2021-39696, CVE-2022-20344, CVE-2022-20346, CVE-2022-20347, CVE-2022-20348, CVE-2022-20349, CVE-2022-20350, CVE-2022-20354, CVE-2022-20355, CVE-2022-20356, CVE-2022-20358, CVE-2022-22080, CVE-2022-20219, CVE-2022-21744, CVE-2022-20083, CVE-2022-20126, CVE-2022-20133, CVE-2021-35102, CVE-2021-35072, CVE-2021-35078, CVE-2021-30323, CVE-2021-1950, CVE-2021-30344, CVE-2021-30350, CVE-2021-35100
  • Medium – CVE-2021-3609,  CVE-2022-0435, CVE-2022-1055, CVE-2022-20158, CVE-2022-20368, CVE-2022-20371, CVE-2022-27666, CVE-2022-29581, CVE-2021-35118, CVE-2021-35120,  CVE-2021-39765

Copyright © 2022 Huaweicentral.com