CVE-2026-34867
Double Free Vulnerability in Multi-Mode Input System Causes DoS
Publication date: 2026-04-13
Last updated on: 2026-04-17
Assigner: Huawei Technologies
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| huawei | harmonyos | 5.1.0 |
| huawei | harmonyos | 6.0.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-415 | The product calls free() twice on the same memory address. |
Attack-Flow Graph
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided information does not specify any direct effects of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.
Can you explain this vulnerability to me?
This vulnerability is a double free issue in the multi-mode input system. A double free occurs when a program attempts to free the same memory location twice, which can lead to undefined behavior or system instability.
How can this vulnerability impact me? :
Successful exploitation of this vulnerability may affect the availability of the affected system, potentially causing crashes or denial of service.
What immediate steps should I take to mitigate this vulnerability?
The vulnerability affects Huawei HarmonyOS, specifically the multi-mode input system, and may impact system availability.
To mitigate this vulnerability, it is recommended to apply the latest security updates and patches provided by Huawei for HarmonyOS 6.0.0 and related versions.
Since the security bulletin released in April 2026 addresses multiple vulnerabilities including this one, ensure your system is updated according to the official Huawei security bulletins.