CVE-2022-0516
Published on: Not Yet Published
Last Modified on: 03/31/2022 09:15:00 AM UTC
Certain versions of Debian Linux from Debian contain the following vulnerability:
A vulnerability was found in kvm_s390_guest_sida_op in the arch/s390/kvm/kvm-s390.c function in KVM for s390 in the Linux kernel. This flaw allows a local attacker with a normal user privilege to obtain unauthorized memory write access. This flaw affects Linux kernel versions prior to 5.17-rc4.
- CVE-2022-0516 has been assigned by
[email protected] to track the vulnerability - currently rated as HIGH severity.
CVSS3 Score: 7.8 - HIGH
Attack Vector ⓘ |
Attack Complexity |
Privileges Required |
User Interaction |
---|---|---|---|
LOCAL | LOW | LOW | NONE |
Scope | Confidentiality Impact |
Integrity Impact |
Availability Impact |
UNCHANGED | HIGH | HIGH | HIGH |
CVSS2 Score: 4.6 - MEDIUM
Access Vector ⓘ |
Access Complexity |
Authentication |
---|---|---|
LOCAL | LOW | NONE |
Confidentiality Impact |
Integrity Impact |
Availability Impact |
PARTIAL | PARTIAL | PARTIAL |
CVE References
Description | Tags ⓘ | Link |
---|---|---|
kernel/git/torvalds/linux.git - Linux kernel source tree | git.kernel.org text/html |
![]() |
2050237 – (CVE-2022-0516) CVE-2022-0516 kernel: missing check in ioctl allows kernel memory read/write | bugzilla.redhat.com text/html |
![]() |
Debian -- Security Information -- DSA-5092-1 linux | www.debian.org Depreciated Link text/html |
![]() |
CVE-2022-0516 Linux Kernel Vulnerability in NetApp Products | NetApp Product Security | security.netapp.com text/html |
![]() |
Related QID Numbers
- 159700 Oracle Enterprise Linux Security Update for kernel (ELSA-2022-0825)
- 179104 Debian Security Update for linux (DSA 5092-1)
- 198708 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5337-1)
- 198709 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5338-1)
- 198728 Ubuntu Security Notification for Linux kernel (Intel IOTG) Vulnerabilities (USN-5362-1)
- 198731 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5368-1)
- 240122 Red Hat Update for kernel security (RHSA-2022:0777)
- 240128 Red Hat Update for kernel security (RHSA-2022:0825)
- 282398 Fedora Security Update for kernel (FEDORA-2022-6f887c7be7)
- 282399 Fedora Security Update for kernel (FEDORA-2022-df17aabb12)
- 751836 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:0759-1)
- 751852 OpenSUSE Security Update for the Linux Kernel (openSUSE-SU-2022:0755-1)
- 751853 OpenSUSE Security Update for the Linux Kernel (openSUSE-SU-2022:0760-1)
- 751999 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:0760-1)
- 900751 Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (8990)
- 901900 Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (8997-1)
- 940463 AlmaLinux Security Update for kernel (ALSA-2022:0825)
Known Affected Configurations (CPE V2.3)
- cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*:
- cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*:
- cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*:
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*:
- cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:*:
- cpe:2.3:o:linux:linux_kernel:5.17:rc2:*:*:*:*:*:*:
- cpe:2.3:o:linux:linux_kernel:5.17:rc3:*:*:*:*:*:*:
- cpe:2.3:a:redhat:codeready_linux_builder:-:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.4:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.4:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.4:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*:
- cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*:
No vendor comments have been submitted for this CVE
Social Mentions
Source | Title | Posted (UTC) |
---|---|---|
![]() |
Linux Kernel の IBM S/390 用 KVM の処理に特権を奪われる問題 (CVE-2022-0516) [41503] sid.softek.jp/content/show/4… #SIDfm #脆弱性情報 | 2022-03-08 06:30:03 |
![]() |
CVE-2022-0516 : A vulnerability was found in kvm_s390_guest_sida_op in the arch/s390/kvm/kvm-s390.c function in KVM… twitter.com/i/web/status/1… | 2022-03-10 17:46:29 |
![]() |
Kvm - CVE-2022-0516: bugzilla.redhat.com/show_bug.cgi?i… | 2022-03-10 20:00:20 |