Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2022-9264

Опубликовано: 08 апр. 2022
Источник: oracle-oval
Платформа: Oracle Linux 7
Платформа: Oracle Linux 8

Описание

ELSA-2022-9264: Unbreakable Enterprise kernel security update (IMPORTANT)

[5.4.17-2136.305.5.5]

  • KVM: x86/mmu: do compare-and-exchange of gPTE via the user address (Paolo Bonzini) [Orabug: 34034594] {CVE-2022-1158}

Обновленные пакеты

Oracle Linux 7

Oracle Linux aarch64

kernel-uek

5.4.17-2136.305.5.5.el7uek

kernel-uek-debug

5.4.17-2136.305.5.5.el7uek

kernel-uek-debug-devel

5.4.17-2136.305.5.5.el7uek

kernel-uek-devel

5.4.17-2136.305.5.5.el7uek

kernel-uek-doc

5.4.17-2136.305.5.5.el7uek

kernel-uek-tools

5.4.17-2136.305.5.5.el7uek

kernel-uek-tools-libs

5.4.17-2136.305.5.5.el7uek

perf

5.4.17-2136.305.5.5.el7uek

python-perf

5.4.17-2136.305.5.5.el7uek

Oracle Linux x86_64

kernel-uek

5.4.17-2136.305.5.5.el7uek

kernel-uek-debug

5.4.17-2136.305.5.5.el7uek

kernel-uek-debug-devel

5.4.17-2136.305.5.5.el7uek

kernel-uek-devel

5.4.17-2136.305.5.5.el7uek

kernel-uek-doc

5.4.17-2136.305.5.5.el7uek

kernel-uek-tools

5.4.17-2136.305.5.5.el7uek

Oracle Linux 8

Oracle Linux aarch64

kernel-uek

5.4.17-2136.305.5.5.el8uek

kernel-uek-debug

5.4.17-2136.305.5.5.el8uek

kernel-uek-debug-devel

5.4.17-2136.305.5.5.el8uek

kernel-uek-devel

5.4.17-2136.305.5.5.el8uek

kernel-uek-doc

5.4.17-2136.305.5.5.el8uek

Oracle Linux x86_64

kernel-uek

5.4.17-2136.305.5.5.el8uek

kernel-uek-debug

5.4.17-2136.305.5.5.el8uek

kernel-uek-debug-devel

5.4.17-2136.305.5.5.el8uek

kernel-uek-devel

5.4.17-2136.305.5.5.el8uek

kernel-uek-doc

5.4.17-2136.305.5.5.el8uek

Связанные CVE

CVE-2022-1158

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2022-1158

CVSS3: 7.8
ubuntu
почти 3 года назад

A flaw was found in KVM. When updating a guest's page table entry, vm_pgoff was improperly used as the offset to get the page's pfn. As vaddr and vm_pgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace region and potentially corrupt the kernel, resulting in a denial of service condition.

redhat логотип

CVE-2022-1158

CVSS3: 7
redhat
больше 3 лет назад

A flaw was found in KVM. When updating a guest's page table entry, vm_pgoff was improperly used as the offset to get the page's pfn. As vaddr and vm_pgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace region and potentially corrupt the kernel, resulting in a denial of service condition.

nvd логотип

CVE-2022-1158

CVSS3: 7.8
nvd
почти 3 года назад

A flaw was found in KVM. When updating a guest's page table entry, vm_pgoff was improperly used as the offset to get the page's pfn. As vaddr and vm_pgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace region and potentially corrupt the kernel, resulting in a denial of service condition.

msrc логотип

CVE-2022-1158

CVSS3: 7.8
msrc
почти 3 года назад

Описание отсутствует

debian логотип

CVE-2022-1158

CVSS3: 7.8
debian
почти 3 года назад

A flaw was found in KVM. When updating a guest's page table entry, vm_ ...