Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2022-2153

Опубликовано: 31 авг. 2022
Источник: debian
EPSS Низкий

Описание

A flaw was found in the Linux kernel’s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
linuxfixed5.17.3-1package
linuxfixed5.10.140-1bullseyepackage

Примечания

  • https://bugzilla.redhat.com/show_bug.cgi?id=2069736

  • https://git.kernel.org/linus/7ec37d1cbe17d8189d9562178d8b29167fe1c31a (5.18-rc1)

  • https://git.kernel.org/linus/00b5f37189d24ac3ed46cb7f11742094778c46ce (5.18-rc1)

  • https://git.kernel.org/linus/b1e34d325397a33d97d845e312d7cf2a8b646b44 (5.18-rc1)

EPSS

Процентиль: 5%
0.00024
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2022-2153

CVSS3: 5.5
ubuntu
почти 3 года назад

A flaw was found in the Linux kernel’s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service.

redhat логотип

CVE-2022-2153

CVSS3: 5.5
redhat
около 3 лет назад

A flaw was found in the Linux kernel’s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service.

nvd логотип

CVE-2022-2153

CVSS3: 5.5
nvd
почти 3 года назад

A flaw was found in the Linux kernel’s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service.

msrc логотип

CVE-2022-2153

CVSS3: 5.5
msrc
почти 3 года назад

Описание отсутствует

github логотип

GHSA-m5gv-cmjh-79r8

CVSS3: 5.5
github
почти 3 года назад

A flaw was found in the Linux kernel’s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service.

EPSS

Процентиль: 5%
0.00024
Низкий