Vulnerabilities > CVE-2022-0882 - Unspecified vulnerability in Google Fuchsia 4.1

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

local

low complexity

google

NVD

Published: 2022-05-03

Updated: 2023-07-21

Summary

A bug exists where an attacker can read the kernel log through exposed Zircon kernel addresses without the required capability ZX_RSRC_KIND_ROOT. It is recommended to upgrade the Fuchsia kernel to 4.1.1 or greater.

Vulnerable Configurations

Part	Description	Count
OS	Google Google Fuchsia - Google Fuchsia 4.1	2

References

https://bugs.fuchsia.dev/p/fuchsia/issues/detail?id=94740