CVE-2022-50228

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.17.0-rc3+

Description A vulnerability in the Linux kernel has been resolved, specifically in the KVM: SVM component. The issue occurs when userspace injects an interrupt with GIF=0, which can cause the kernel to BUG or WARN. This situation can be forced by userspace via KVM SET VCPU EVENTS. The vulnerability is related to the svm inject irq function and can be triggered by injecting pending events through the inject pending event function, which is called by kvm arch vcpu ioctl run and kvm vcpu ioctl. The estimated number of potentially affected devices is not provided.

Recommendations To resolve the issue, update the Linux kernel to a version later than 5.17.0-rc3+. As a temporary workaround, consider restricting access to the KVM SET VCPU EVENTS interface to minimize the risk of exploitation. Avoid using the svm inject irq function until the issue is resolved. At the moment, there is no information about additional mitigation measures.