Open mend-bolt-for-github[bot] opened 2 years ago
An issue was discovered the x86 KVM subsystem in the Linux kernel before 5.18.17. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED situations.
Publish Date: 2022-09-02
URL: CVE-2022-39189
Base Score Metrics: - Exploitability Metrics: - Attack Vector: Local - Attack Complexity: Low - Privileges Required: Low - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: High
Type: Upgrade version
Origin: https://www.linuxkernelcves.com/cves/CVE-2022-39189
Release Date: 2022-09-02
Fix Resolution: v5.15.60,v5.18.17
Step up your Open Source Security Game with Mend here
CVE-2022-39189 - High Severity Vulnerability
Vulnerable Libraries - linuxlinux-4.19.236, linuxlinux-4.19.236
Vulnerability Details
An issue was discovered the x86 KVM subsystem in the Linux kernel before 5.18.17. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED situations.
Publish Date: 2022-09-02
URL: CVE-2022-39189
CVSS 3 Score Details (7.8)
Base Score Metrics: - Exploitability Metrics: - Attack Vector: Local - Attack Complexity: Low - Privileges Required: Low - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: High
For more information on CVSS3 Scores, click here.Suggested Fix
Type: Upgrade version
Origin: https://www.linuxkernelcves.com/cves/CVE-2022-39189
Release Date: 2022-09-02
Fix Resolution: v5.15.60,v5.18.17
Step up your Open Source Security Game with Mend here