First published: Fri Feb 25 2022(Updated: )
An issue exists in Fuchsia where VMO data can be modified through access to copy-on-write snapshots. A local attacker could modify objects in the VMO that they do not have permission to. We recommend upgrading past commit d97c05d2301799ed585620a9c5c739d36e7b5d3d or any of the listed versions.
Credit: cve-coordination@google.com
Affected Software | Affected Version | How to fix |
---|---|---|
Google Fuchsia | <2022-01-03 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID of this issue is CVE-2022-0247.
CVE-2022-0247 has a severity level of high.
The affected software is Google Fuchsia.
A local attacker can exploit CVE-2022-0247 by modifying objects in the VMO that they do not have permission to.
To fix CVE-2022-0247, we recommend upgrading to a version past commit d97c05d2301799ed585620a9c5c739d36e7b5d3d or any of the listed versions.