Lucene search
K
GoogleFuchsia

5 matches found

CVE
CVE
added 2022/05/03 3:50 p.m.92 views

CVE-2021-22556

CVE-2021-22556 affects the Fuchsia kernel. A integer overflow flaw lets a user with code execution issue memory cache invalidation on pages they don’t own, enabling control of kernel memory from userspace. Remediation per sources: upgrade to kernel version 4.1 or beyond. Other connected sources c...

7.8CVSS6.6AI score0.00155EPSS
CVE
CVE
added 2022/01/18 2:10 p.m.84 views

CVE-2021-22566

The CVE concerns the Fuchsia kernel. An incorrect setting of UXN and PXN bits in mmu_flags_to_s1_pte_attr can cause privileged executable kernel-mode pages to be mapped as executable from user mode, and unprivileged pages to be treated as executable from kernel mode. This misuse can bypass execut...

9.8CVSS9.4AI score0.00323EPSS
CVE
CVE
added 2022/05/03 3:50 p.m.79 views

CVE-2022-0882

CVE-2022-0882 affects the Fuchsia kernel (Zircon kernel addresses) and allows information disclosure: an attacker can read the kernel log via exposed Zircon kernel addresses without the required capability ZX_RSRC_KIND_ROOT. The issue is triggered by access to low-level kernel addressing, enablin...

5.5CVSS5.1AI score0.00115EPSS
CVE
CVE
added 2022/02/25 11:10 a.m.72 views

CVE-2022-0247

CVE-2022-0247 affects Fuchsia where VMO data can be modified via copy-on-write snapshots. A local attacker could modify VMO objects they lack permission to access, impacting integrity (per CVSS/I). The issue is tied to the copy-on-write handling in VMO data paths. A fix is available by upgrading ...

7.5CVSS5.7AI score0.00081EPSS
CVE
CVE
added 2025/01/30 7:17 p.m.47 views

CVE-2024-10604

CVE-2024-10604 affects Fuchsia’s network header field generation algorithms. Vulnerable components include the TCP Initial Sequence Number (ISN), TCP timestamp, TCP/UDP source ports, and IPv4/IPv6 fragment IDs, which can be guessed under certain circumstances. The available connected sources iden...

6.9CVSS6.6AI score0.00223EPSS