CVE-2023-25947 Information

Description

The bundle management subsystem within OpenHarmony-v3.1.4 and prior versions has a null pointer reference vulnerability which local attackers can exploit this vulnerability to cause a DoS attack to the system when installing a malicious HAP package.

Reference

https://gitee.com/openharmony/security/blob/master/en/security-disclosure/2023/2023-03.md