CVE-2022-3344

Published: 20 Oct 2022
Source: redhat
CVSS3: 6.5
EPSS: Low

Description

A flaw was found in the KVM's AMD nested virtualization (SVM). A malicious L1 guest could purposely fail to intercept the shutdown of a cooperative nested guest (L2), possibly leading to a page fault and kernel panic in the host (L0).

Statement

Red Hat currently provides the nested virtualization feature as a Technology Preview. Nested virtualization is therefore unsupported for production use. For more information please refer to https://access.redhat.com/solutions/21101 and https://access.redhat.com/support/offerings/techpreview.

Mitigation

This vulnerability can be mitigated by disabling the nested virtualization feature:

# modprobe -r kvm_amd
# modprobe kvm_amd nested=0

Affected packages

| Platform | Package | State | Recommendation | Release |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | kernel | Out of support scope | | |
| Red Hat Enterprise Linux 7 | kernel | Out of support scope | | |
| Red Hat Enterprise Linux 7 | kernel-rt | Out of support scope | | |
| Red Hat Enterprise Linux 8 | kernel | Fix deferred | | |
| Red Hat Enterprise Linux 8 | kernel-rt | Fix deferred | | |
| Red Hat Enterprise Linux 9 | kernel | Fix deferred | | |
| Red Hat Enterprise Linux 9 | kernel-rt | Fix deferred | | |

Additional information

Status: Low
Defect: CWE-440
https://bugzilla.redhat.com/show_bug.cgi?id=2130278 kernel: KVM: SVM: nested shutdown interception could lead to host crash

EPSS

Percentile: 1%
0.00013
Low

CVSS3: 6.5 Medium

Related vulnerabilities

CVSS3: 5.5
ubuntu
almost 3 years ago

A flaw was found in the KVM's AMD nested virtualization (SVM). A malicious L1 guest could purposely fail to intercept the shutdown of a cooperative nested guest (L2), possibly leading to a page fault and kernel panic in the host (L0).

CVSS3: 5.5
nvd
almost 3 years ago

A flaw was found in the KVM's AMD nested virtualization (SVM). A malicious L1 guest could purposely fail to intercept the shutdown of a cooperative nested guest (L2), possibly leading to a page fault and kernel panic in the host (L0).

CVSS3: 5.5
msrc
almost 3 years ago

No description available

CVSS3: 5.5
debian
almost 3 years ago

A flaw was found in the KVM's AMD nested virtualization (SVM). A malic ...

CVSS3: 5.5
github
almost 3 years ago

A flaw was found in the KVM's AMD nested virtualization (SVM). A malicious L1 guest could purposely fail to intercept the shutdown of a cooperative nested guest (L2), possibly leading to a page fault and kernel panic in the host (L0).
