PT-2022-13065 · Google · Fuchsia

Published

2022-02-25

Updated

2022-03-08

CVE-2022-0247

CVSS v3.1

7.5

High

Vector

AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions Fuchsia (affected versions not specified)

Description An issue exists in Fuchsia where VMO data can be modified through access to copy-on-write snapshots, allowing a local attacker to modify objects in the VMO that they do not have permission to.

Recommendations We recommend upgrading past commit d97c05d2301799ed585620a9c5c739d36e7b5d3d.

Fix

Incorrect Permission

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-732

Related Identifiers

CVE-2022-0247

Affected Products

Fuchsia

PT-2022-13065 · Google · Fuchsia

CVE-2022-0247

Weakness Enumeration

Related Identifiers

Affected Products

References · 4