CVE-2022-49933

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A vulnerability in the Linux kernel has been resolved, related to KVM (Kernel-based Virtual Machine) and VMX (Virtual Machine Extensions). The issue involves resetting eVMCS controls in the per-CPU VP assist page during hardware disabling. This reset is necessary to prevent a potential NULL pointer dereference bug when KVM disables CPU hotplug while enabling and disabling hardware. The controls are only activated if KVM creates a VM. The fix involves resetting the eVMCS controls during hardware disabling instead of waiting until the kvm-intel module exit.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.