PT-2022-9253 · Google · Fuchsia

Published: 2022-01-18 · Updated: 2024-05-29 · CVE-2021-22566

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions: Fuchsia kernel versions prior to commit 7d731b4e9599088ac3073956933559da7bca6a00
Description: An incorrect setting of UXN bits within mmu_flags_to_s1_pte_attr leads to privileged executable pages being mapped as executable from an unprivileged context. This can be leveraged by an attacker to bypass executability restrictions of kernel-mode pages from user-mode. An incorrect setting of PXN bits within mmu_flags_to_s1_pte_attr leads to unprivileged executable pages being mapped as executable from a privileged context. This can be leveraged by an attacker to bypass executability restrictions of user-mode pages from kernel-mode. Typically, this allows a potential attacker to circumvent a mitigation, making exploitation of potential kernel-mode vulnerabilities easier.
Recommendations: Update the kernel beyond commit 7d731b4e9599088ac3073956933559da7bca6a00 and rebuild.
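
The invariant the description relies on, as an added example that is not Fuchsia's code: an executable kernel page must keep UXN set, an executable user page must keep PXN set, and a non-executable page must keep both. The MMU_FLAG_* names, the function names and the flawed converter are assumptions constructed for illustration; only the PXN (bit 53) and UXN (bit 54) positions come from the ARMv8-A stage 1 descriptor format.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical mapping flags for this example (not Fuchsia's definitions). */
#define MMU_FLAG_USER    (1u << 0) /* page belongs to user mode (EL0) */
#define MMU_FLAG_EXECUTE (1u << 1) /* page may be executed by its owner */

/* ARMv8-A stage 1 descriptor execute-never bits. */
#define PTE_PXN (1ull << 53) /* privileged execute-never */
#define PTE_UXN (1ull << 54) /* unprivileged execute-never */

/* Hardened form: start with both levels denied, then allow only the owner. */
uint64_t xn_bits_for(uint32_t flags) {
    uint64_t attr = PTE_PXN | PTE_UXN;
    if (flags & MMU_FLAG_EXECUTE)
        attr &= (flags & MMU_FLAG_USER) ? ~PTE_UXN : ~PTE_PXN;
    return attr;
}

/* Constructed flaw of the same class: one XN decision applied to both levels. */
uint64_t xn_bits_flawed(uint32_t flags) {
    return (flags & MMU_FLAG_EXECUTE) ? 0 : (PTE_PXN | PTE_UXN);
}

/* Audit check: does a descriptor honour the invariant for these flags? */
bool pte_xn_ok(uint32_t flags, uint64_t pte) {
    bool user = (flags & MMU_FLAG_USER) != 0;
    bool exec = (flags & MMU_FLAG_EXECUTE) != 0;
    bool pxn = (pte & PTE_PXN) != 0;
    bool uxn = (pte & PTE_UXN) != 0;
    if (!exec)
        return pxn && uxn;
    return user ? (pxn && !uxn) : (uxn && !pxn);
}

/* Run a converter over every flag combination and count invariant breaks. */
int count_violations(uint64_t (*conv)(uint32_t)) {
    int bad = 0;
    for (uint32_t f = 0; f < 4; f++)
        if (!pte_xn_ok(f, conv(f)))
            bad++;
    return bad;
}

int main(void) {
    printf("hardened: %d violations\n", count_violations(xn_bits_for));
    printf("flawed:   %d violations\n", count_violations(xn_bits_flawed));
    return 0;
}
```

A check like pte_xn_ok can run as a unit test over the flag-to-attribute conversion or as a debug assertion when a descriptor is written.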

Fix

Incorrect Permission

Weakness Enumeration

Related Identifiers: CVE-2021-22566

Affected Products: Fuchsia