HUAWEI EMUI/Magic UI security updates January 2023
HUAWEI is releasing monthly security updates for flagship models. This security update includes HUAWEI and third-party library patches:
This security update includes the following third-party library patches:
This security update includes the CVE announced in the December 2022 Android security bulletin:
Critical: CVE-2022-20411, CVE-2022-20472, CVE-2022-20473, CVE-2022-20498
High: CVE-2021-0934, CVE-2022-20124, CVE-2022-20449, CVE-2022-20466, CVE-2022-20469, CVE-2022-20470, CVE-2022-20474, CVE-2022-20476, CVE-2022-20478, CVE-2022-20479, CVE-2022-20480, CVE-2022-20483, CVE-2022-20484, CVE-2022-20485, CVE-2022-20486, CVE-2022-20487, CVE-2022-20488, CVE-2022-20491, CVE-2022-20495, CVE-2022-20496, CVE-2022-20500, CVE-2022-20501, CVE-2022-20611, CVE-2022-33268
Medium: CVE-2022-20468, CVE-2022-25677, CVE-2022-1419, CVE-2022-28390, CVE-2022-30594, CVE-2022-20571, CVE-2022-20572
Low: none
Already included in previous updates: CVE-2022-20426, CVE-2022-20425, CVE-2022-20392, CVE-2022-25669, CVE-2022-25688, CVE-2022-25658, CVE-2022-25659
※ For more information on security patches, please refer to the Android security bulletins (https://source.android.com/security/bulletin).
This security update includes the following HUAWEI patches:
CVE-2021-46856: Path traversal vulnerability in the Multi-screen Collaboration module
Severity: Medium
Affected versions: EMUI 12.0.1, EMUI 12.0.0
Impact: Successful exploitation of this vulnerability may affect confidentiality.
CVE-2021-46867: The HW_KEYMASTER module does not release memory
Severity: Medium
Affected versions: EMUI 12.0.0
Impact: Successful exploitation of this vulnerability may cause out-of-bounds access.
CVE-2021-46868: The HW_KEYMASTER module does not release memory
Severity: Medium
Affected versions: EMUI 12.0.0
Impact: Successful exploitation of this vulnerability may cause out-of-bounds access.
CVE-2022-46761: Vulnerability of the dynamic hiding and restoring of app icons in the system
Severity: Medium
Affected versions: EMUI 12.0.1, EMUI 12.0.0, EMUI 11.0.1
Impact: Successful exploitation of this vulnerability allows app icons to be dynamically hidden or restored using special methods.
CVE-2022-46762: Logic bypass vulnerability in the memory management module
Severity: High
Affected versions: EMUI 12.0.0
Impact: Successful exploitation of this vulnerability may affect confidentiality.
CVE-2022-47974: DoS attack vulnerability in the Bluetooth AVRCP module
Severity: Medium
Affected versions: EMUI 12.0.1, EMUI 12.0.0, EMUI 11.0.1
Impact: Successful exploitation of this vulnerability may cause the Bluetooth process to restart.
CVE-2022-47975: Double free vulnerability of the DUBAI module
Severity: Medium
Affected versions: EMUI 12.0.0
Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2022-47976: Control connection replacement vulnerability in the DMSDP module of the distributed hardware
Severity: High
Affected versions: EMUI 12.0.0
Impact: Successful exploitation of this vulnerability may disconnect normal service connections.
NHN Cloud 정보 사이트 취약점 진단 분석 평가 방법 사이트