CVE-2022-0882

A bug exists where an attacker can read the kernel log through exposed Zircon kernel addresses without the required capability ZXRSRCKINDROOT. It is recommended to upgrade the Fuchsia kernel to 4.1.1 or greater...

CVE-2022-0882

A bug exists where an attacker can read the kernel log through exposed Zircon kernel addresses without the required capability ZXRSRCKINDROOT. It is recommended to upgrade the Fuchsia kernel to 4.1.1 or greater...

CVE-2022-0882

CVE-2022-0882 affects the Fuchsia kernel (Zircon kernel addresses) and allows information disclosure: an attacker can read the kernel log via exposed Zircon kernel addresses without the required capability ZX_RSRC_KIND_ROOT. The issue is triggered by access to low-level kernel addressing, enablin...

CVE-2021-22556 Integer Overflow in Fuchsia Kernel

The Security Team discovered an integer overflow bug that allows an attacker with code execution to issue memory cache invalidation operations on pages that they don’t own, allowing them to control kernel memory from userspace. We recommend upgrading to kernel version 4.1 or beyond...

Fuchsia 安全漏洞

Fuchsia is an open source general purpose operating system. A security vulnerability exists in versions of the Fuchsia kernel prior to 4.1.1, which can be exploited by an attacker to read kernel logs via an exposed Zircon kernel address without the required functionality of ZXRSRCKINDROOT...

PT-2022-2920 · Google · Fuchsia

Name of the Vulnerable Software and Affected Versions: Fuchsia versions prior to 4.1.1 Description: The issue is related to information disclosure. An attacker can read the kernel log through exposed Zircon kernel addresses without the required capability ZX RSRC KIND ROOT. Recommendations: For...

CVE-2021-22566 Incorrect mapping of Executable bits in Fuchsia Kernel

An incorrect setting of UXN bits within mmuflagstos1pteattr lead to privileged executable pages being mapped as executable from an unprivileged context. This can be leveraged by an attacker to bypass executability restrictions of kernel-mode pages from user-mode. An incorrect setting of PXN bits...

CVE-2021-22566 Incorrect mapping of Executable bits in Fuchsia Kernel

An incorrect setting of UXN bits within mmuflagstos1pteattr lead to privileged executable pages being mapped as executable from an unprivileged context. This can be leveraged by an attacker to bypass executability restrictions of kernel-mode pages from user-mode. An incorrect setting of PXN bits...

PT-2022-9253 · Google · Fuchsia

Name of the Vulnerable Software and Affected Versions: Fuchsia kernel versions prior to commit 7d731b4e9599088ac3073956933559da7bca6a00 Description: An incorrect setting of UXN bits within mmu flags to s1 pte attr leads to privileged executable pages being mapped as executable from an unprivilege...