Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-1158

A flaw was found in KVM. When updating a guest's page table entry, vm_pgoff was improperly used as the offset to get the page's pfn. As vaddr and vm_pgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace region and potentially corrupt the kernel, resulting in a denial of service condition.

Published

2022-08-05T17:15:08.017

Last Modified

2024-11-21T06:40:09.267

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.8 (HIGH)

Weaknesses

Type: Secondary
CWE-416
Type: Primary
CWE-416

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	linux	linux_kernel	< 5.4.189	Yes
Operating System	linux	linux_kernel	< 5.10.110	Yes
Operating System	linux	linux_kernel	< 5.15.33	Yes
Operating System	linux	linux_kernel	< 5.16.19	Yes
Operating System	linux	linux_kernel	< 5.17.2	Yes
Operating System	fedoraproject	fedora	36	Yes
Operating System	redhat	enterprise_linux	8.0	Yes
Operating System	redhat	enterprise_linux	9.0	Yes

References

https://bugzilla.redhat.com/show_bug.cgi?id=2069793 Exploit, Issue Tracking, Third Party Advisory ([email protected])
https://security.netapp.com/advisory/ntap-20230214-0003/ Third Party Advisory ([email protected])
https://www.openwall.com/lists/oss-security/2022/04/08/4 Exploit, Mailing List, Third Party Advisory ([email protected])
https://bugzilla.redhat.com/show_bug.cgi?id=2069793 Exploit, Issue Tracking, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://security.netapp.com/advisory/ntap-20230214-0003/ Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.openwall.com/lists/oss-security/2022/04/08/4 Exploit, Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)