CVE-2022-4139

An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system.

CVSS v3 7.8 HIGH

7.8^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://bugzilla.redhat.com/show_bug.cgi?id=2147572	Issue Tracking Patch Third Party Advisory
https://security.netapp.com/advisory/ntap-20230309-0004/	Third Party Advisory
https://www.openwall.com/lists/oss-security/2022/11/30/1	Mailing List Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2147572	Issue Tracking Patch Third Party Advisory
https://security.netapp.com/advisory/ntap-20230309-0004/	Third Party Advisory
https://www.openwall.com/lists/oss-security/2022/11/30/1	Mailing List Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.1:-::::::
	cpe:2.3:o:linux:linux_kernel:6.1:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.1:rc2::::::
	cpe:2.3:o:linux:linux_kernel:6.1:rc3::::::
	cpe:2.3:o:linux:linux_kernel:6.1:rc4::::::
	cpe:2.3:o:linux:linux_kernel:6.1:rc5::::::
	cpe:2.3:o:linux:linux_kernel:6.1:rc6::::::

History

21 Nov 2024, 07:34

Type	Values Removed	Values Added
Summary		(es) Se encontró un problema de descarga TLB incorrecto en el controlador del kernel GPU i915 del kernel de Linux, lo que podría provocar daños aleatorios en la memoria o fugas de datos. Esta falla podría permitir que un usuario local bloquee el sistema o aumente sus privilegios en el sistema.
References	~~() https://bugzilla.redhat.com/show_bug.cgi?id=2147572 - Issue Tracking, Patch, Third Party Advisory~~	() https://bugzilla.redhat.com/show_bug.cgi?id=2147572 - Issue Tracking, Patch, Third Party Advisory
References	~~() https://security.netapp.com/advisory/ntap-20230309-0004/ - Third Party Advisory~~	() https://security.netapp.com/advisory/ntap-20230309-0004/ - Third Party Advisory
References	~~() https://www.openwall.com/lists/oss-security/2022/11/30/1 - Mailing List, Third Party Advisory~~	() https://www.openwall.com/lists/oss-security/2022/11/30/1 - Mailing List, Third Party Advisory

12 May 2023, 13:28

Type	Values Removed	Values Added
References	~~(CONFIRM) https://security.netapp.com/advisory/ntap-20230309-0004/ -~~	(CONFIRM) https://security.netapp.com/advisory/ntap-20230309-0004/ - Third Party Advisory

09 Mar 2023, 19:15

Type	Values Removed	Values Added
CPE		cpe:2.3:o:linux:linux_kernel:6.1:rc5:::::: cpe:2.3:o:linux:linux_kernel:6.1:rc4:::::: cpe:2.3:o:linux:linux_kernel:6.1:rc2:::::: cpe:2.3:o:linux:linux_kernel:6.1:-:::::: cpe:2.3:o:linux:linux_kernel:6.1:rc1:::::: cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:6.1:rc3:::::: cpe:2.3:o:linux:linux_kernel:6.1:rc6::::::
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.8
References		(CONFIRM) https://security.netapp.com/advisory/ntap-20230309-0004/ -
References	~~(MISC) https://www.openwall.com/lists/oss-security/2022/11/30/1 -~~	(MISC) https://www.openwall.com/lists/oss-security/2022/11/30/1 - Mailing List, Third Party Advisory
References	~~(MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2147572 -~~	(MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2147572 - Issue Tracking, Patch, Third Party Advisory
CWE	~~CWE-281~~	CWE-401

27 Jan 2023, 19:12

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-01-27 18:15

Updated : 2025-03-28 16:15

NVD link : CVE-2022-4139

Mitre link : CVE-2022-4139

CVE.ORG link : CVE-2022-4139

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-281

Improper Preservation of Permissions

CWE-401

Missing Release of Memory after Effective Lifetime

7.8 /10