PT-2022-6045 · Linux+8 · Linux Kernel+8

Published

2022-09-28

·

Updated

2024-04-15

·

CVE-2022-2196

CVSS v3.1

8.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux Kernel versions prior to 6.2
Description A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM (L0) advertising eIBRS support to L1. An attacker at L2 with code execution can execute code on an indirect branch on the host machine.
Recommendations To resolve the issue, upgrade to Kernel 6.2 or apply the patch from commit 2e7eab81425a. As a temporary workaround, consider restricting access to the vulnerable KVM: nVMX component until a patch is available.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-1188CWE-200

Related Identifiers

ALSA-2023:2148
ALSA-2023:2458
ALSA-2023:2736
ALSA-2023:2951
ALT-PU-2023-1373
ALT-PU-2023-1434
ALT-PU-2023-1539
ALT-PU-2023-1566
ALT-PU-2024-4263
ALT-PU-2024-4843
AZL-12951
BDU:2022-07509
CESA-2023_2736
CESA-2023_2951
CVE-2022-2196
DLA-3404-1
MGASA-2023-0087
MGASA-2023-0088
OESA-2023-1035
OESA-2023-1036
OPENSUSE-SU-2023_2646-1
RHSA-2023:2148
RHSA-2023:2458
RHSA-2023:2736
RHSA-2023:2951
RHSA-2023_2148
RHSA-2023_2458
RHSA-2023_2736
RHSA-2023_2951
RHSA-2024:0930
SUSE-SU-2023:2140-1
SUSE-SU-2023:2141-1
SUSE-SU-2023:2146-1
SUSE-SU-2023:2147-1
SUSE-SU-2023:2148-1
SUSE-SU-2023:2231-1
SUSE-SU-2023:2646-1
SUSE-SU-2023:2809-1
USN-5970-1
USN-5976-1
USN-5977-1
USN-5978-1
USN-5979-1
USN-5980-1
USN-5982-1
USN-5985-1
USN-5987-1
USN-6004-1
USN-6020-1
USN-6151-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Linux Kernel
Linuxmint
Red Hat
Suse
Ubuntu