The Security Team discovered an integer overflow bug that allows an attacker with code execution to issue memory cache invalidation operations on pages that they don’t own, allowing them to control kernel memory from userspace. We recommend upgrading to kernel version 4.1 or beyond.
References
Link | Resource |
---|---|
https://fuchsia-review.googlesource.com/c/fuchsia/+/570881 | Issue Tracking Patch Third Party Advisory |
https://fuchsia.dev/whats-new/release-notes/f4-1 | Release Notes Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: Google
Published: 2022-05-03T15:50:11
Updated: 2022-05-03T15:50:11
Reserved: 2021-01-05T00:00:00
Link: CVE-2021-22556
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-05-03T16:15:18.627
Modified: 2022-05-10T23:56:13.497
Link: CVE-2021-22556
JSON object: View
Redhat Information
No data.
CWE