CVE-2022-1158

Published on: Not Yet Published

Last Modified on: 08/06/2022 02:35:00 AM UTC

The following vulnerability was found:

A flaw was found in KVM. When updating a guest's page table entry, vm_pgoff was improperly used as the offset to get the page's pfn. As vaddr and vm_pgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace region and potentially corrupt the kernel, resulting in a denial of service condition.

CVE References

| Description | Tags | Link |
|---|---|---|
| 2069793 – (CVE-2022-1158) CVE-2022-1158 kernel: KVM: cmpxchg_gpte can write to pfns outside the userspace region | MISC | bugzilla.redhat.com/show_bug.cgi?id=2069793 |
| oss-security - CVE-2022-1158: Linux Kernel v5.2+: x86/kvm: cmpxchg_gpte can write to pfns outside the userspace region | MISC | www.openwall.com/lists/oss-security/2022/04/08/4 |

Related QID Numbers

  • 159745 Oracle Enterprise Linux Security Update for unbreakable enterprise kernel-container (ELSA-2022-9265)
  • 159746 Oracle Enterprise Linux Security Update for unbreakable enterprise kernel (ELSA-2022-9264)
  • 159754 Oracle Enterprise Linux Security Update for unbreakable enterprise kernel-container (ELSA-2022-9274)
  • 159755 Oracle Enterprise Linux Security Update for unbreakable enterprise kernel (ELSA-2022-9273)
  • 159785 Oracle Enterprise Linux Security Update for unbreakable enterprise kernel-container (ELSA-2022-9368)
  • 159788 Oracle Enterprise Linux Security Update for unbreakable enterprise kernel (ELSA-2022-9365)
  • 179258 Debian Security Update for linux (DSA 5127-1)
  • 198783 Ubuntu Security Notification for Linux kernel (OEM) Vulnerabilities (USN-5416-1)
  • 198822 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5469-1)
  • 198824 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5467-1)
  • 198826 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5468-1)
  • 353964 Amazon Linux Security Advisory for kernel : ALAS2KERNEL-5.15-2022-001
  • 752126 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:1687-1)
  • 752242 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:2104-1)

Social Mentions

| Source | Title | Posted (UTC) |
|---|---|---|
| Twitter | @oss_security CVE-2022-1158: Linux Kernel v5.2+: x86/kvm: cmpxchg_gpte can write to pfns outside the userspace region: Posted by… twitter.com/i/web/status/1… | 2022-04-08 11:06:05 |
| Twitter | @secalertsasia oss-sec: CVE-2022-1158: Linux Kernel v5.2+: x86/kvm: cmpxchg_gpte can write to pfns outside the userspace region… twitter.com/i/web/status/1… | 2022-04-15 00:38:14 |
| Twitter | @sidfm_jp Privilege takeover issue in Linux Kernel KVM processing (CVE-2022-1158) [42030] sid.softek.jp/content/show/4… #SIDfm #脆弱性情報 | 2022-05-09 05:30:05 |
| Twitter | @CVEreport CVE-2022-1158 : A flaw was found in KVM. When updating a guest's page table entry, vm_pgoff was improperly used as… twitter.com/i/web/status/1… | 2022-08-05 17:03:41 |
| Twitter | @JohnJasonFallow New vulnerability on the NVD: CVE-2022-1158 ift.tt/aszykth | 2022-08-05 18:11:37 |
| Twitter | @WesUncensored New vulnerability on the NVD: CVE-2022-1158 ift.tt/ASuUTft | 2022-08-05 18:33:24 |
| Twitter | @workentin New vulnerability on the NVD: CVE-2022-1158 ift.tt/fINq9gH | 2022-08-05 18:40:39 |
| Twitter | @xanadulinux CVE-2022-1158 ift.tt/Q43jq2S | 2022-08-05 18:52:24 |
| Twitter | @LinInfoSec Kvm - CVE-2022-1158: bugzilla.redhat.com/show_bug.cgi?i… | 2022-08-05 20:01:54 |
| Twitter | @Har_sia CVE-2022-1158 har-sia.info/CVE-2022-1158.… #HarsiaInfo | 2022-08-06 23:01:09 |
| Reddit | /r/netcve CVE-2022-1158 | 2022-08-05 18:38:42 |