CVE-2024-58113 – This vulnerability involves improper resource m... (How to Fix)

Q: What is the severity of CVE-2024-58113?

CVE-2024-58113 has a CVSS score of 5.3 (MEDIUM). This vulnerability involves improper resource management in memory management modules, potentially causing system instability or crashes. It primarily affects availability of systems running vulnerable Huawei products. Successful exploitation could lead to denial of service conditions.

📋 TL;DR

This vulnerability involves improper resource management in memory management modules, potentially causing system instability or crashes. It primarily affects availability of systems running vulnerable Huawei products. Successful exploitation could lead to denial of service conditions.

💻 Affected Systems

Products:

Huawei products with vulnerable memory management modules

Versions: Specific versions not detailed in provided reference

Operating Systems: OS dependent on affected Huawei products

Default Config Vulnerable: ⚠️ Yes

Notes: Check Huawei advisory for specific product and version details

📦 What is this software?

Harmonyos by Huawei

View all CVEs affecting Harmonyos →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system crash or prolonged unavailability requiring physical intervention

🟠

Likely Case

Service disruption, application crashes, or performance degradation

🟢

If Mitigated

Minor performance impact or no noticeable effect with proper resource monitoring

🌐 Internet-Facing: MEDIUM

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Exploitation requires triggering specific memory management conditions

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Refer to Huawei security bulletin for specific fixed versions

Vendor Advisory: https://consumer.huawei.com/en/support/bulletin/2025/4/

Restart Required: Yes

Instructions:

1. Check Huawei advisory for affected products. 2. Download appropriate patches from Huawei support. 3. Apply patches following vendor instructions. 4. Restart affected systems.

🔧 Temporary Workarounds

Resource monitoring and limits

all

Implement strict memory usage monitoring and limits to prevent exploitation conditions

🧯 If You Can't Patch

Implement strict resource monitoring and alerting
Isolate vulnerable systems from critical networks

🔍 How to Verify

Check if Vulnerable:

Check system against Huawei advisory for specific product versions

Check Version:

Product-specific commands per Huawei documentation

Verify Fix Applied:

Verify patch installation and check system stability under load

📡 Detection & Monitoring

Log Indicators:

Memory allocation failures
System crash logs
Resource exhaustion warnings

Network Indicators:

Service unavailability alerts
Connection timeouts to affected services

SIEM Query:

Search for memory-related error codes or system crash events

📊 Metadata

CVE ID: CVE-2024-58113

CVSS v3 Score: 5.3 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE: CWE-399

EPSS Score: 0.22% exploit probability (44.3th percentile)

Published: April 7, 2025

Last Updated: May 7, 2025

🔗 References

https://consumer.huawei.com/en/support/bulletin/2025/4/ Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-58113, you might also want to check these: