HarmonyOS

Huawei fixes various issues with October 2022 HarmonyOS security patches

Published

on

Huawei is always concerned about providing better system security to its users. As a consequence, it releases security patches every month to keep its devices secured from various flaws. The freshly released October 2022 HarmonyOS security patches fix scores of issues in the system to make it more reliable for users.

The Chinese tech maker has an excellent collection of phones and it is also known for sending regular updates on its devices to keep devices in the good condition. But some issues arise with the updates and put the security of the system at risk.

In the latest move, Huawei has published the October 2022 HarmonyOS security patch details. As usual, the Chinese tech giant fixed different levels of exploits and issues within Huawei devices. You can check the complete detail of CVEs here.

The latest patch will give your device the ability to defend against malicious activities and thefts. Therefore, the installation of the October 2022 update is really essential for increased system security and privacy. We highly recommend upgrading your devices with the latest security patches.

October 2022 HarmonyOS security fixes:

The October 2022 security patch fixes exploits and issues in the Kernel, System, Application section, and third-party libraries within Huawei Phones.

Kernel

The newest security patch fixes 12 CVEs in different levels of the Kernel section. The fix impacts various CVEs that are the cause of out-of-bounds reading and affect data confidentiality. Also, successful exploitation of the vulnerability can cause unauthorized access to the HISP module and memory overwriting.

System

The patch fixes a total of 19 vulnerabilities in this section from the critical, high, and medium grades. It identifies the Use-After-Free (UAF) vulnerability in the BT Hfp Client module and fixes it. Resolves another critical CVE in the HW_KEYMASTER module which may cause malicious construction of data and result in out-of-bounds access.

Meanwhile, it fixes some more bugs that affect data confidentiality, data integrity, and fingerprint service.

Application

The application section includes one high and three medium-level exploits. The latest patch resolves severe vulnerabilities in the HwAirlink module and the facial recognition module. Noticeably, the successful exploitation of these exposures results in the modification of sensitive data and may allow attackers to obtain process control permissions and information leakage.

Interestingly, these new patches with fixes will soon start to reach Huawei devices via software updates.

 

Copyright © 2022 Huaweicentral.com