Huawei has officially released the February 2022 HarmonyOS mobile security patch details that include fixes for 1 medium-level CVE in the kernel, 1 high-level CVE in the system as well as 1 critical, 9 high, and 30 medium levels of CVEs in third-party libraries.
This bulletin contains details about the security vulnerabilities that have been fixed by security patch 2022-02-01 or the updated HarmonyOS version.
HarmonyOS Security Mitigation Measures
You can find the mitigation measures provided by HarmonyOS in Security Guidelines. These measures help reduce the risks of the security vulnerabilities on HarmonyOS to be exploited.
The security hardening functions provided by later HarmonyOS versions make it harder for attackers to exploit the vulnerabilities of HarmonyOS. You are advised to upgrade HarmonyOS to the latest version.
Security Patch 2022-02-01 Vulnerability Details
CVE-2021-40015 – The binder driver subsystem of the kernel has a race condition vulnerabilit – Successful exploitation of this vulnerability may affect kernel stability – Medium – HarmonyOS 2.0 – Driver (Module).
