Platform
linux
Component
fuchsia-kernel
Fixed in
7d731b4e9599088ac3073956933559da7bca6a00
CVE-2021-22566 is a privilege escalation vulnerability discovered in the Fuchsia Kernel. This flaw allows attackers to bypass executability restrictions, potentially enabling user-mode processes to execute kernel-mode code. The vulnerability affects Fuchsia Kernel versions prior to 7d731b4e9599088ac3073956933559da7bca6a00. A fix has been released in version 7d731b4e9599088ac3073956933559da7bca6a00.
The core of this vulnerability lies in the incorrect handling of UXN (User eXecute Not-Allowed) and PXN (Privileged eXecute Not-Allowed) bits within the mmu_flags_to_s1_pte_attr function. Specifically, the vulnerability allows an attacker to map privileged executable pages as executable from an unprivileged context, effectively bypassing kernel-mode executability restrictions from user-mode. Conversely, it also permits mapping unprivileged executable pages as executable from a privileged context, circumventing user-mode restrictions from kernel-mode. This dual bypass significantly expands the attack surface. Successful exploitation could lead to arbitrary code execution within the kernel, granting the attacker complete control over the Fuchsia system. The ability to execute arbitrary code in kernel mode represents a severe compromise, potentially allowing for data theft, system modification, and denial of service.
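An added illustration (not Fuchsia's source and not part of the original advisory) of the invariant the paragraph above describes: an executable page may be runnable only at the privilege level that owns it. The flag names and both functions are hypothetical; only the PXN/UXN bit positions (53 and 54) are architectural, and the naive variant is constructed to show the class of mistake, not the original code.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* ARMv8-A stage-1 descriptor execute-never bits (architectural positions). */
#define PTE_PXN (1ULL << 53) /* Privileged eXecute Never */
#define PTE_UXN (1ULL << 54) /* Unprivileged eXecute Never */

/* Hypothetical permission flags for this example (not Fuchsia's definitions). */
#define FLAG_USER    (1u << 0) /* page is owned by user mode */
#define FLAG_EXECUTE (1u << 1) /* page may be executed by its owner */

/* Naive variant (constructed): a single "executable" decision drives both
 * bits, so any executable page becomes runnable at both privilege levels. */
uint64_t xn_bits_naive(unsigned flags) {
    return (flags & FLAG_EXECUTE) ? 0 : (PTE_UXN | PTE_PXN);
}

/* Corrected variant: start with nobody allowed to execute, then clear only
 * the bit that belongs to the owning privilege level. */
uint64_t xn_bits_fixed(unsigned flags) {
    uint64_t attr = PTE_UXN | PTE_PXN;
    if (flags & FLAG_EXECUTE)
        attr &= (flags & FLAG_USER) ? ~PTE_UXN : ~PTE_PXN;
    return attr;
}

/* Invariant: non-executable pages keep both bits set; executable user pages
 * keep PXN set; executable kernel pages keep UXN set. */
bool xn_invariant_holds(unsigned flags, uint64_t attr) {
    if (!(flags & FLAG_EXECUTE))
        return (attr & (PTE_UXN | PTE_PXN)) == (PTE_UXN | PTE_PXN);
    if (flags & FLAG_USER)
        return (attr & PTE_PXN) && !(attr & PTE_UXN);
    return (attr & PTE_UXN) && !(attr & PTE_PXN);
}

/* Count the flag combinations for which a mapping function breaks it. */
int count_violations(uint64_t (*fn)(unsigned)) {
    int bad = 0;
    for (unsigned flags = 0; flags < 4; flags++)
        if (!xn_invariant_holds(flags, fn(flags)))
            bad++;
    return bad;
}

int main(void) {
    printf("naive: %d violations, fixed: %d violations\n",
           count_violations(xn_bits_naive), count_violations(xn_bits_fixed));
    return 0;
}
```

An exhaustive check of this kind over every permission combination works as a unit test for any routine that translates mapping flags into page-table attributes.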
This vulnerability was publicly disclosed on January 18, 2022. While no active exploitation campaigns have been definitively linked to CVE-2021-22566, the potential for privilege escalation makes it a high-value target. The vulnerability's impact on kernel-level memory protection suggests a potential inclusion in future exploit collections. It is not currently listed on the CISA KEV catalog.
Systems running Fuchsia OS, particularly those with limited security controls or exposed to untrusted user input, are at risk. Devices utilizing Fuchsia for embedded systems or IoT applications should be prioritized for patching. Development environments and testing systems running Fuchsia are also vulnerable.
• linux / server: Monitor kernel logs for unusual memory mapping activity or attempts to execute code from unprivileged contexts. Use journalctl -k to filter for relevant kernel messages.
    journalctl -k | grep -i 'mmu_flags_to_s1_pte_attr'
• linux / server: Employ auditd rules to track modifications to memory protection settings.
    auditctl -w /path/to/kernel/module -p x -k kernel_mmu
• generic web: While not directly applicable to web applications, monitor system-level processes for unexpected kernel module loading or execution.
disclosure
Exploit status
EPSS
0.01% (3% percentile)
CISA SSVC
The primary mitigation for CVE-2021-22566 is to upgrade the Fuchsia Kernel to version 7d731b4e9599088ac3073956933559da7bca6a00 or later. Due to the nature of the vulnerability and its impact on kernel-level memory protection, there are no readily available workarounds beyond upgrading. Consider implementing stricter access controls and privilege separation within the Fuchsia environment to limit the potential impact of a successful exploit. Regularly review and audit kernel configurations to ensure adherence to security best practices. After upgrading, verify the fix by attempting to execute a user-mode process with elevated privileges and confirming that the attempt is denied.
Upgrade the Fuchsia kernel to a version later than commit 7d731b4e9599088ac3073956933559da7bca6a00 and rebuild the system. This corrects the incorrect setting of the UXN and PXN bits, preventing unauthorized code execution in the kernel.
CVE-2021-22566 is a vulnerability in the Fuchsia Kernel allowing user-mode processes to bypass executability restrictions and potentially execute kernel-mode code, leading to privilege escalation.
You are affected if you are running Fuchsia Kernel versions prior to 7d731b4e9599088ac3073956933559da7bca6a00. Check your system's version and upgrade if necessary.
Upgrade your Fuchsia Kernel to version 7d731b4e9599088ac3073956933559da7bca6a00 or later. This resolves the incorrect bit setting issue.
While no active exploitation campaigns have been definitively confirmed, the potential for privilege escalation makes it a high-value target and a potential future threat.
Refer to the Fuchsia security advisories for detailed information and updates regarding CVE-2021-22566: https://fuchsia.dev/security