Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-39189

An issue was discovered the x86 KVM subsystem in the Linux kernel before 5.18.17. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED situations.

Published

2022-09-02T05:15:07.693

Last Modified

2025-05-05T16:15:19.080

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.8 (HIGH)

Weaknesses

Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	linux	linux_kernel	< 5.4.244	Yes
Operating System	linux	linux_kernel	< 5.10.180	Yes
Operating System	linux	linux_kernel	< 5.15.60	Yes
Operating System	linux	linux_kernel	< 5.18.17	Yes
Application	netapp	hci_baseboard_management_controller	h300s	Yes
Application	netapp	hci_baseboard_management_controller	h410c	Yes
Application	netapp	hci_baseboard_management_controller	h410s	Yes
Application	netapp	hci_baseboard_management_controller	h500s	Yes
Application	netapp	hci_baseboard_management_controller	h700s	Yes

References

https://bugs.chromium.org/p/project-zero/issues/detail?id=2309 Issue Tracking, Patch, Third Party Advisory ([email protected])
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.18.17 Patch, Release Notes, Vendor Advisory ([email protected])
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6cd88243c7e03845a450795e134b488fc2afb736 Patch, Vendor Advisory ([email protected])
https://github.com/torvalds/linux/commit/6cd88243c7e03845a450795e134b488fc2afb736 Patch, Third Party Advisory ([email protected])
https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html ([email protected])
https://security.netapp.com/advisory/ntap-20230214-0007/ Third Party Advisory ([email protected])
https://www.debian.org/security/2023/dsa-5480 Third Party Advisory, VDB Entry ([email protected])
https://bugs.chromium.org/p/project-zero/issues/detail?id=2309 Issue Tracking, Patch, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.18.17 Patch, Release Notes, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6cd88243c7e03845a450795e134b488fc2afb736 Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/torvalds/linux/commit/6cd88243c7e03845a450795e134b488fc2afb736 Patch, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html (af854a3a-2127-422b-91ae-364da2661108)
https://security.netapp.com/advisory/ntap-20230214-0007/ Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.debian.org/security/2023/dsa-5480 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)