PT-2022-1376 · Linux+8 · Linux Kernel+8
Jann Horn
·
Published
2022-05-30
·
Updated
2025-05-05
·
CVE-2022-39189
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 5.18.17
Description
An issue in the x86 KVM subsystem of the Linux kernel allows unprivileged guest users to compromise the guest kernel due to mishandled TLB flush operations in certain KVM VCPU PREEMPTED situations. The vulnerability is related to incorrect handling of virtual processor state information. This could lead to local escalation of privilege with no additional execution privileges needed, and user interaction is not required for exploitation.
Recommendations
For Linux kernel versions prior to 5.18.17, update to version 5.18.17 or later to resolve the issue. As a temporary workaround, consider restricting access to the KVM subsystem to minimize the risk of exploitation.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Linux Kernel
Red Hat
Suse
Ubuntu