PT-2022-2585 · Linux+8 · Linux Kernel+8

Gaoning Pan +2 · Published 2022-04-02 · Updated 2023-08-14 · CVE-2022-1158

CVSS v3.1: 7.8 High

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Linux Kernel versions prior to the fixed version

Description

A flaw was found in the Kernel-based Virtual Machine (KVM) subsystem of the Linux kernel. The issue is related to the get_user_pages_fast() function and involves writing data outside the buffer in memory. This flaw allows unprivileged local users on the host to write outside the userspace region and potentially corrupt the kernel, resulting in a denial of service condition. The vaddr and vm_pgoff variables are controllable by user-mode processes, which can be exploited to cause the issue.

Recommendations

For Linux Kernel versions prior to the fixed version, consider updating to a newer version that contains a fix for this issue. As a temporary workaround, restrict access to the KVM subsystem to minimize the risk of exploitation. Avoid using the get_user_pages_fast() function until a patch is available.

Exploit

Fix

DoS

Memory Corruption

Use After Free

Weakness Enumeration

Related Identifiers

ALT-PU-2022-1656
ALT-PU-2022-1657
ALT-PU-2022-1678
ALT-PU-2022-1679
ALT-PU-2022-1680
ALT-PU-2022-1688
ALT-PU-2022-1713
ALT-PU-2022-1730
ALT-PU-2022-1746
ALT-PU-2022-1833
ALT-PU-2022-1880
ALT-PU-2022-1881
ALT-PU-2022-1907
ALT-PU-2022-2152
ALT-PU-2022-2155
ALT-PU-2023-4894
AZL-10540
BDU:2022-03034
CESA-2022_7444
CESA-2022_7683
CVE-2022-1158
DSA-5127-1
MGASA-2022-0154
MGASA-2022-0155
OESA-2022-1727
OPENSUSE-SU-2022_1676-1
OPENSUSE-SU-2022_1687-1
RHSA-2022:7444
RHSA-2022:7683
RHSA-2022:7933
RHSA-2022:8267
RHSA-2022:8673
RHSA-2022:8685
RHSA-2022:8686
RHSA-2022:8809
RHSA-2022:8831
RHSA-2022:8940
RHSA-2022:8941
RHSA-2022:8973
RHSA-2022:8974
RHSA-2022:8989
RHSA-2022:9082
RHSA-2022_7444
RHSA-2022_7683
RHSA-2022_7933
RHSA-2022_8267
SUSE-SU-2022:1569-1
SUSE-SU-2022:1571-1
SUSE-SU-2022:1573-1
SUSE-SU-2022:1575-1
SUSE-SU-2022:1591-1
SUSE-SU-2022:1605-1
SUSE-SU-2022:1629-1
SUSE-SU-2022:1634-1
SUSE-SU-2022:1637-1
SUSE-SU-2022:1669-1
SUSE-SU-2022:1676-1
SUSE-SU-2022:1687-1
SUSE-SU-2022:2104-1
SUSE-SU-2022_1569-1
SUSE-SU-2022_1571-1
SUSE-SU-2022_1573-1
SUSE-SU-2022_1575-1
SUSE-SU-2022_1591-1
SUSE-SU-2022_1605-1
SUSE-SU-2022_1629-1
SUSE-SU-2022_1634-1
SUSE-SU-2022_1637-1
SUSE-SU-2022_1669-1
SUSE-SU-2022_1676-1
SUSE-SU-2022_1687-1
USN-5416-1
USN-5467-1
USN-5468-1
USN-5469-1

Affected Products

Alt Linux
Astra Linux
Centos
Linux Kernel
Linuxmint
Red Hat
Red Os
Suse
Ubuntu