Updates

Huawei HarmonyOS July 2022 Security patch details listed

Huawei released the July 2022 HarmonyOS mobile security patch details that include fixes for 1 CVE in framework, 3 CVEs in the kernel, 4 CVEs in the system, 2 CVEs in the Application and 6 CVEs in the third-party libraries. This bulletin contains details about the security vulnerabilities that have been fixed by security patch 2022-07-01.

Framework

CVE-2021-46741 (The basic framework and setting module have defects, which were introduced during the design.)

Kernel

CVE-2022-34735 (The frame scheduling module has a null pointer dereference vulnerability.)
CVE-2022-34736 (The frame scheduling module has a null pointer dereference vulnerability.)
CVE-2022-34743 (The AT commands of the USB port have an out-of-bounds read vulnerability.)

System

CVE-2022-34740 (The NFC module has a buffer overflow vulnerability.)
CVE-2022-34741 (The NFC module has a buffer overflow vulnerability.)
CVE-2022-34739 (The fingerprint module has a vulnerability of overflow in arithmetic addition.)
CVE-2022-34742 (The system module has a read/write vulnerability.)

Application

CVE-2022-34737 (The application security module has a vulnerability in permission assignment.)
CVE-2022-34738 (The SystemUI module has a vulnerability in permission control.)

Third-Party Library

CVE-2018-25032 (High)
CVE-2022-1353 (Medium)
CVE-2022-1016 (Medium)
CVE-2021-0344 (Medium)
CVE-2022-20057 (Medium)
CVE-2022-25375 (Medium)

Join HU On Telegram

Min

Min En specializes in smartphone reviews, EMUI/HarmonyOS coverage, and mobile industry analysis. His in-depth knowledge of Huawei's ecosystem, from flagship devices to emerging technologies, makes him a trusted voice in the tech community.