Closed witchcraze closed 1 year ago
- CVE-2022-1158
- Suggested Configuration
- OR
*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.2 up to (excluding) 5.4.189
*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.5 up to (excluding) 5.10.110
*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.11 up to (excluding) 5.15.33
*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.16 up to (excluding) 5.16.19
*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.17 up to (excluding) 5.17.2
- Reference
- https://bugzilla.redhat.com/show_bug.cgi?id=2069793
- https://security-tracker.debian.org/tracker/CVE-2022-1158
- https://www.kernel.org/pub//linux/kernel/v5.x/ChangeLog-5.4.189
- https://www.kernel.org/pub//linux/kernel/v5.x/ChangeLog-5.10.110
- https://www.kernel.org/pub//linux/kernel/v5.x/ChangeLog-5.15.33
- https://www.kernel.org/pub//linux/kernel/v5.x/ChangeLog-5.16.19
- https://www.kernel.org/pub//linux/kernel/v5.x/ChangeLog-5.17.2
- https://www.kernel.org/pub//linux/kernel/v5.x/ChangeLog-5.18
- Introduce
- https://www.kernel.org/pub//linux/kernel/v5.x/ChangeLog-5.2
- Reference (Commit)
- KVM: x86/mmu: do compare-and-exchange of gPTE via the user address
- Fixed by
- 5.4.189 (1553126eccf4fad17afaeaed08db9e5944aa2d55)
- 5.10.110 (e90518d10c7dd59d5ebbe25b0f0083a7dbffa42f)
- 5.15.33 (8771d9673e0bdb7148299f3c074667124bde6dff)
- 5.16.19 (9a611c57530050dc359a83177c2f97678b1f961e)
- 5.17.2 (5051c04d70c6e035c2c923c04fbe015a4468b08d)
- 5.18 (2a8859f373b0a86f0ece8ec8312607eacf12485d) (upstream)
- Will be introduced by
- 5.2 (bd53cb35a3e9)
- I Checked
- From redhat and debian page, 2a8859f373b0a86f0ece8ec8312607eacf12485d is upstream commit
- 2a8859f373b0a86f0ece8ec8312607eacf12485d is written as upstream commit in each ChangeLog
- From 2a8859f373b0a86f0ece8ec8312607eacf12485d commit, "Fixes: bd53cb35a3e9" is written
- bd53cb35a3e9 is written in ChangeLog-5.2
[CVE Configuration Update Request] Update Suggestion - CVE-2022-1158 - Cvss3 : 7.8
https://www.linuxkernelcves.com/cves/CVE-2022-1158 https://gitlab.com/cip-project/cip-kernel/cip-kernel-sec/-/blob/master/issues/CVE-2022-1158.yml https://github.com/witchcraze/NVD_CHECK/blob/main/kernel/CVE-2022-1158.json