CVE-2022-0516
Published on: Not Yet Published
Last Modified on: 10/04/2022 09:16:00 PM UTC
Certain versions of Debian Linux from Debian contain the following vulnerability:
A vulnerability was found in kvm_s390_guest_sida_op in the arch/s390/kvm/kvm-s390.c function in KVM for s390 in the Linux kernel. This flaw allows a local attacker with a normal user privilege to obtain unauthorized memory write access. This flaw affects Linux kernel versions prior to 5.17-rc4.
- CVE-2022-0516 has been assigned by
[email protected] to track the vulnerability - currently rated as HIGH severity.
CVSS3 Score: 7.8 - HIGH
Attack Vector ⓘ |
Attack Complexity |
Privileges Required |
User Interaction |
---|---|---|---|
LOCAL | LOW | LOW | NONE |
Scope | Confidentiality Impact |
Integrity Impact |
Availability Impact |
UNCHANGED | HIGH | HIGH | HIGH |
CVSS2 Score: 4.6 - MEDIUM
Access Vector ⓘ |
Access Complexity |
Authentication |
---|---|---|
LOCAL | LOW | NONE |
Confidentiality Impact |
Integrity Impact |
Availability Impact |
PARTIAL | PARTIAL | PARTIAL |
CVE References
Description | Tags ⓘ | Link |
---|---|---|
kernel/git/torvalds/linux.git - Linux kernel source tree | git.kernel.org text/html |
![]() |
2050237 – (CVE-2022-0516) CVE-2022-0516 kernel: missing check in ioctl allows kernel memory read/write | bugzilla.redhat.com text/html |
![]() |
Debian -- Security Information -- DSA-5092-1 linux | www.debian.org Depreciated Link text/html |
![]() |
CVE-2022-0516 Linux Kernel Vulnerability in NetApp Products | NetApp Product Security | security.netapp.com text/html |
![]() |
Related QID Numbers
- 159700 Oracle Enterprise Linux Security Update for kernel (ELSA-2022-0825)
- 179104 Debian Security Update for linux (DSA 5092-1)
- 198708 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5337-1)
- 198709 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5338-1)
- 198728 Ubuntu Security Notification for Linux kernel (Intel IOTG) Vulnerabilities (USN-5362-1)
- 198731 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5368-1)
- 240122 Red Hat Update for kernel security (RHSA-2022:0777)
- 240128 Red Hat Update for kernel security (RHSA-2022:0825)
- 282398 Fedora Security Update for kernel (FEDORA-2022-6f887c7be7)
- 282399 Fedora Security Update for kernel (FEDORA-2022-df17aabb12)
- 376925 Alibaba Cloud Linux Security Update for cloud-kernel (ALINUX3-SA-2022:0125)
- 751836 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:0759-1)
- 751852 OpenSUSE Security Update for the Linux Kernel (openSUSE-SU-2022:0755-1)
- 751853 OpenSUSE Security Update for the Linux Kernel (openSUSE-SU-2022:0760-1)
- 751999 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:0760-1)
- 753086 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:0755-1)
- 753110 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 12 for SLE 15 SP3) (SUSE-SU-2022:0619-1)
- 753188 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 7 for SLE 15 SP3) (SUSE-SU-2022:0660-1)
- 753338 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 14 for SLE 15 SP3) (SUSE-SU-2022:0615-1)
- 753348 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:1038-1)
- 753373 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:1257-1)
- 900751 Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (8990)
- 901900 Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (8997-1)
- 906188 Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (8990-1)
- 906289 Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (8997-2)
- 940463 AlmaLinux Security Update for kernel (ALSA-2022:0825)
- 960805 Rocky Linux Security Update for kernel (RLSA-2022:0825)
Known Affected Configurations (CPE V2.3)
Type | Vendor | Product | Version | Update | Edition | Language |
---|---|---|---|---|---|---|
Operating System | Debian | Debian Linux | 11.0 | All | All | All |
Operating System | Fedoraproject | Fedora | 34 | All | All | All |
Operating System | Fedoraproject | Fedora | 35 | All | All | All |
Operating System | Linux | Linux Kernel | All | All | All | All |
Operating System | Linux | Linux Kernel | 5.17 | rc1 | All | All |
Operating System | Linux | Linux Kernel | 5.17 | rc2 | All | All |
Operating System | Linux | Linux Kernel | 5.17 | rc3 | All | All |
Hardware
| Netapp | H300e | - | All | All | All |
Operating System | Netapp | H300e Firmware | - | All | All | All |
Hardware
| Netapp | H300s | - | All | All | All |
Operating System | Netapp | H300s Firmware | - | All | All | All |
Hardware
| Netapp | H410c | - | All | All | All |
Operating System | Netapp | H410c Firmware | - | All | All | All |
Hardware
| Netapp | H410s | - | All | All | All |
Operating System | Netapp | H410s Firmware | - | All | All | All |
Hardware
| Netapp | H500e | - | All | All | All |
Operating System | Netapp | H500e Firmware | - | All | All | All |
Hardware
| Netapp | H500s | - | All | All | All |
Operating System | Netapp | H500s Firmware | - | All | All | All |
Hardware
| Netapp | H700e | - | All | All | All |
Operating System | Netapp | H700e Firmware | - | All | All | All |
Hardware
| Netapp | H700s | - | All | All | All |
Operating System | Netapp | H700s Firmware | - | All | All | All |
Application | Redhat | Codeready Linux Builder | - | All | All | All |
Operating System | Redhat | Enterprise Linux | 8.0 | All | All | All |
Operating System | Redhat | Enterprise Linux | 8.0 | All | All | All |
Operating System | Redhat | Enterprise Linux Eus | 8.4 | All | All | All |
Operating System | Redhat | Enterprise Linux Eus | 8.4 | All | All | All |
Operating System | Redhat | Enterprise Linux For Ibm Z Systems | 8.0 | All | All | All |
Operating System | Redhat | Enterprise Linux For Ibm Z Systems Eus | 8.4 | All | All | All |
Operating System | Redhat | Enterprise Linux For Power Little Endian | 8.0 | All | All | All |
Operating System | Redhat | Enterprise Linux For Power Little Endian | 8.0 | All | All | All |
Operating System | Redhat | Enterprise Linux For Power Little Endian Eus | 8.4 | All | All | All |
Operating System | Redhat | Enterprise Linux For Power Little Endian Eus | 8.4 | All | All | All |
Operating System | Redhat | Enterprise Linux Server Aus | 8.4 | All | All | All |
Operating System | Redhat | Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions | 8.4 | All | All | All |
Operating System | Redhat | Enterprise Linux Server Tus | 8.4 | All | All | All |
Operating System | Redhat | Enterprise Linux Server Update Services For Sap Solutions | 8.4 | All | All | All |
Application | Redhat | Virtualization Host | 4.0 | All | All | All |
- cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*:
- cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*:
- cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*:
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*:
- cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:*:
- cpe:2.3:o:linux:linux_kernel:5.17:rc2:*:*:*:*:*:*:
- cpe:2.3:o:linux:linux_kernel:5.17:rc3:*:*:*:*:*:*:
- cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*:
- cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*:
- cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*:
- cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*:
- cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*:
- cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*:
- cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*:
- cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*:
- cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*:
- cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*:
- cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*:
- cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*:
- cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*:
- cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*:
- cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*:
- cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*:
- cpe:2.3:a:redhat:codeready_linux_builder:-:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.4:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.4:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.4:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*:
- cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*:
No vendor comments have been submitted for this CVE
Social Mentions
Source | Title | Posted (UTC) |
---|---|---|
![]() |
Linux Kernel の IBM S/390 用 KVM の処理に特権を奪われる問題 (CVE-2022-0516) [41503] sid.softek.jp/content/show/4… #SIDfm #脆弱性情報 | 2022-03-08 06:30:03 |
![]() |
CVE-2022-0516 : A vulnerability was found in kvm_s390_guest_sida_op in the arch/s390/kvm/kvm-s390.c function in KVM… twitter.com/i/web/status/1… | 2022-03-10 17:46:29 |
![]() |
Kvm - CVE-2022-0516: bugzilla.redhat.com/show_bug.cgi?i… | 2022-03-10 20:00:20 |