all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

CVE-2022-22253: Huawei HWLog Memory Corruption Via Race Condition

Add to bookmarks
July 24, 2022, midnight |

Taszk Labs on taszk.io labs labs.taszk.io

In this advisory we are disclosing a memory corruption vulnerability in the Huawei log device that allows any unprivileged process to trigger a kernel crash and reboot the device.
Huawei kernels are shipped with custom log devices (/dev/hwlog_dubai, /dev/hwlog_exception and /dev/hwlog_jank) that facilitate better system diagnostics through a series of ioctl calls. One of these diagnostics module is referred to as memcheck, and it provides detailed statistics about the system memory usage, including the allocations made by the SLAB kernel …

corruption cve huawei memory memory corruption race condition

Visit resource

More from labs.taszk.io / Taszk Labs on taszk.io labs

Full Chain Baseband Exploits, Part 3 4 months, 3 weeks ago | labs.taszk.io
arbitrary code baseband code code execution +14
Full Chain Baseband Exploits, Part 2 4 months, 3 weeks ago | labs.taszk.io
baseband buffer buffer overflow concrete +13
Full Chain Baseband Exploits, Part 1 4 months, 3 weeks ago | labs.taszk.io
application baseband blog blog post +13
CVE-2023-30646: Samsung RIL Heap Buffer Overflow 5 months ago | labs.taszk.io
advisory android arbitrary code baseband +19
CVE-2022-21744: Mediatek Baseband GPRS PNCD Heap Buffer Overflow 5 months ago | labs.taszk.io
advisory arbitrary code baseband buffer +16
CVE-2023-21517: Samsung Baseband LTE ESM TFT Heap Buffer Overflow 5 months ago | labs.taszk.io
advisory arbitrary code baseband buffer +18
CVE-2022-21769: Mediatek CCCI Kernel Driver OOB Read 5 months ago | labs.taszk.io
application baseband cellular communication +23
CVE-2022-21765: Mediatek CCCI Kernel Driver OOB Write 5 months ago | labs.taszk.io
advisory application arbitrary code baseband +20
CVE-2022-21766: Mediatek CCCI Kernel Driver Stack Buffer Overflow 5 months ago | labs.taszk.io
advisory application arbitrary code baseband +24

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

SITEC- Systems Security Administrator- Camp HM Smith

@ Peraton | Camp H.M. Smith, HI, United States
View on infosec-jobs.com

Cyberspace Intelligence Analyst

@ Peraton | Fort Meade, MD, United States
View on infosec-jobs.com

General Manager, Cybersecurity, Google Public Sector

@ Google | Virginia, USA; United States
View on infosec-jobs.com

Cyber Security Advisor

@ H&M Group | Stockholm, Sweden
View on infosec-jobs.com

Engineering Team Manager – Security Controls

@ H&M Group | Stockholm, Sweden
View on infosec-jobs.com
View more jobs