A flaw was found in KVM. When updating a guest's page table entry, vm_pgoff was improperly used as the offset to get the page's pfn. As vaddr and vm_pgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace region and potentially corrupt the kernel, resulting in a denial of service condition.
References
Link | Resource |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=2069793 | Exploit Issue Tracking Third Party Advisory |
https://security.netapp.com/advisory/ntap-20230214-0003/ | Third Party Advisory |
https://www.openwall.com/lists/oss-security/2022/04/08/4 | Exploit Mailing List Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
15 Aug 2022, 23:01
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:* |
|
References | (MISC) https://www.openwall.com/lists/oss-security/2022/04/08/4 - Exploit, Mailing List, Third Party Advisory | |
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2069793 - Exploit, Issue Tracking, Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
CWE | CWE-416 |
05 Aug 2022, 17:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-08-05 17:15
Updated : 2024-02-04 22:51
NVD link : CVE-2022-1158
Mitre link : CVE-2022-1158
CVE.ORG link : CVE-2022-1158
JSON object : View
Products Affected
redhat
- enterprise_linux
fedoraproject
- fedora
linux
- linux_kernel
CWE
CWE-416
Use After Free