Primary

Context

OpenHarmony Local Denial-of-Service Vulnerability in LiteOS Memory Management

Vulnerability

Patched

A denial-of-service vulnerability has been identified in OpenHarmony versions through 6.0. The issue arises from a memory leak that can be exploited by a local attacker, leading to increased resource consumption and potential system instability.

Impact

Exploitation of this vulnerability causes a denial-of-service condition by exhausting system memory, which can lead to application or system crashes.

Remediation

Users can apply the available patches for this vulnerability by merging the corresponding pull requests into their OpenHarmony branches. Instructions for applying these patches can be found in the 'Remediation' section of the OpenHarmony security disclosure for February 2026.

Added: Mar 16, 2026, 2:33 PM

Updated: Mar 16, 2026, 2:33 PM

Vulnerability Rating

Custom Algorithm

spread

5.4

impact

2.5

exploitability

2.9

remediation

7.7

relevance

4.0

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.4

impact

2.5

exploitability

2.9

remediation

7.7

relevance

4.0

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

OpenHarmony Local Denial-of-Service Vulnerability in LiteOS Memory Management

Vulnerability

Impact

Remediation

Affected Products

OpenHarmony

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating