PT-2019-3740 · Linux+5 · Linux Kernel+5
Felix Wilhelm
·
Publicado
2019-02-07
·
Atualizado
2024-06-15
·
CVE-2019-7222
CVSS v3.1
5.5
Média
| Vetor | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Linux kernel versions through 4.20.5
Description
The issue is related to a lack of protection for internal data in the Linux kernel, specifically in the KVM implementation. This can be exploited to reveal protected information by emulating certain instructions, such as VMXON, VMCLEAR, VMPTRLD, and VMWRITE, using a memory address as an operand. The estimated number of potentially affected devices is not specified.
Recommendations
For Linux kernel versions through 4.20.5, update to a version later than 4.20.5 to resolve the issue.
At the moment, there is no information about additional mitigation measures for this specific issue.
Exploit
Correção
Information Disclosure
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Alt Linux
Centos
Linux Kernel
Red Hat
Suse
Ubuntu