An issue was discovered the x86 KVM subsystem in the Linux kernel before 5.18.17. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED situations.
References
Link | Resource |
---|---|
https://bugs.chromium.org/p/project-zero/issues/detail?id=2309 | Issue Tracking Patch Third Party Advisory |
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.18.17 | Patch Release Notes Vendor Advisory |
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6cd88243c7e03845a450795e134b488fc2afb736 | Patch Vendor Advisory |
https://github.com/torvalds/linux/commit/6cd88243c7e03845a450795e134b488fc2afb736 | Patch Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html | |
https://security.netapp.com/advisory/ntap-20230214-0007/ | Third Party Advisory |
https://www.debian.org/security/2023/dsa-5480 | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
20 Oct 2023, 00:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
12 Sep 2023, 19:41
Type | Values Removed | Values Added |
---|---|---|
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20230214-0007/ - Third Party Advisory | |
References | (DEBIAN) https://www.debian.org/security/2023/dsa-5480 - Third Party Advisory, VDB Entry | |
First Time |
Netapp hci Baseboard Management Controller
Netapp |
|
CPE | cpe:2.3:a:netapp:hci_baseboard_management_controller:h500s:*:*:*:*:*:*:* cpe:2.3:a:netapp:hci_baseboard_management_controller:h700s:*:*:*:*:*:*:* cpe:2.3:a:netapp:hci_baseboard_management_controller:h410c:*:*:*:*:*:*:* cpe:2.3:a:netapp:hci_baseboard_management_controller:h300s:*:*:*:*:*:*:* cpe:2.3:a:netapp:hci_baseboard_management_controller:h410s:*:*:*:*:*:*:* |
19 Aug 2023, 18:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2022-09-02 05:15
Updated : 2024-02-28 19:29
NVD link : CVE-2022-39189
Mitre link : CVE-2022-39189
CVE.ORG link : CVE-2022-39189
JSON object : View
Products Affected
linux
- linux_kernel
netapp
- hci_baseboard_management_controller
CWE