CVE-2024-9978 – CVE-2024-9978 is an out-of-bounds read vulnerab... (How to Fix)

Q: What is the severity of CVE-2024-9978?

CVE-2024-9978 has a CVSS score of 5.5 (MEDIUM). CVE-2024-9978 is an out-of-bounds read vulnerability in OpenHarmony that allows a local attacker to read memory beyond allocated buffers, potentially leaking sensitive information. This affects OpenHarmony v4.1.1 and earlier versions, impacting devices running these operating system versions.

📋 TL;DR

CVE-2024-9978 is an out-of-bounds read vulnerability in OpenHarmony that allows a local attacker to read memory beyond allocated buffers, potentially leaking sensitive information. This affects OpenHarmony v4.1.1 and earlier versions, impacting devices running these operating system versions.

💻 Affected Systems

Products:

OpenHarmony

Versions: v4.1.1 and prior versions

Operating Systems: OpenHarmony

Default Config Vulnerable: ⚠️ Yes

Notes: All devices running vulnerable OpenHarmony versions are affected by default

📦 What is this software?

Openharmony by Openatom

View all CVEs affecting Openharmony →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Local attacker gains unauthorized access to sensitive kernel memory, potentially exposing cryptographic keys, authentication tokens, or other privileged system information

🟠

Likely Case

Local user or malicious app reads adjacent memory contents, potentially exposing application data or system information

🟢

If Mitigated

Information disclosure limited to non-sensitive data due to memory isolation and access controls

🌐 Internet-Facing: LOW - Requires local access to the device

🏢 Internal Only: MEDIUM - Local attackers or malicious apps could exploit this on compromised devices

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires local access and knowledge of memory layout; no public exploit code identified

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: OpenHarmony v4.1.2 or later

Vendor Advisory: https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-12.md

Restart Required: Yes

Instructions:

1. Check current OpenHarmony version. 2. Update to v4.1.2 or later via official update channels. 3. Reboot device after update.

🔧 Temporary Workarounds

Restrict local access

all

Limit physical and logical access to devices running vulnerable OpenHarmony versions

Application sandboxing

all

Enforce strict application isolation and permissions to limit potential information leakage

🧯 If You Can't Patch

Isolate vulnerable devices on separate network segments
Implement strict access controls and monitoring for devices running vulnerable versions

🔍 How to Verify

Check if Vulnerable:

Check OpenHarmony version via system settings or command: getprop ro.build.version.ohos

Check Version:

getprop ro.build.version.ohos

Verify Fix Applied:

Verify version is v4.1.2 or later using same command

📡 Detection & Monitoring

Log Indicators:

Unusual memory access patterns
Process crashes with memory access violations
Suspicious local privilege escalation attempts

Network Indicators:

Not applicable - local vulnerability

SIEM Query:

Process monitoring for abnormal memory reads or system calls related to memory access

📊 Metadata

CVE ID: CVE-2024-9978

CVSS v3 Score: 5.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE: CWE-125

Published: December 3, 2024

Last Updated: December 11, 2024

🔗 References

https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-12.md Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-9978, you might also want to check these: