{"api_version":"1","generated_at":"2026-04-22T23:52:43+00:00","cve":"CVE-2022-2196","urls":{"html":"https://cve.report/CVE-2022-2196","api":"https://cve.report/api/cve/CVE-2022-2196.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2022-2196","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2022-2196"},"summary":{"title":"CVE-2022-2196","description":"A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM (L0) advertising eIBRS support to L1. An attacker at L2 with code execution can execute code on an indirect branch on the host machine. We recommend upgrading to Kernel 6.2 or past commit 2e7eab81425a","state":"PUBLIC","assigner":"security@google.com","published_at":"2023-01-09 11:15:00","updated_at":"2023-08-18 18:56:00"},"problem_types":["CWE-1188"],"metrics":[],"references":[{"url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2e7eab81425ad6c875f2ed47c0ce01e78afc38a5","name":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2e7eab81425ad6c875f2ed47c0ce01e78afc38a5","refsource":"MISC","tags":[],"title":"kernel/git/torvalds/linux.git - Linux kernel source tree","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html","name":"https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html","refsource":"MISC","tags":[],"title":"[SECURITY] [DLA 3404-1] linux-5.10 security update","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://kernel.dance/#2e7eab81425a","name":"https://kernel.dance/#2e7eab81425a","refsource":"MISC","tags":[],"title":"????????","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2022-2196","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-2196","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2022","cve_id":"2196","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"10.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"2196","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2022-2196","qid":"160528","title":"Oracle Enterprise Linux Security Update for unbreakable enterprise kernel (ELSA-2023-12226)"},{"cve":"CVE-2022-2196","qid":"160551","title":"Oracle Enterprise Linux Security Update for unbreakable enterprise kernel-container (ELSA-2023-12256)"},{"cve":"CVE-2022-2196","qid":"160554","title":"Oracle Enterprise Linux Security Update for unbreakable enterprise kernel (ELSA-2023-12255)"},{"cve":"CVE-2022-2196","qid":"160583","title":"Oracle Enterprise Linux Security Update for kernel (ELSA-2023-2458)"},{"cve":"CVE-2022-2196","qid":"160692","title":"Oracle Enterprise Linux Security Update for kernel (ELSA-2023-2951)"},{"cve":"CVE-2022-2196","qid":"181765","title":"Debian Security Update for linux-5.10 (DLA 3404-1)"},{"cve":"CVE-2022-2196","qid":"183128","title":"Debian Security Update for linux (CVE-2022-2196)"},{"cve":"CVE-2022-2196","qid":"199251","title":"Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5970-1)"},{"cve":"CVE-2022-2196","qid":"199254","title":"Ubuntu Security Notification for Linux kernel (OEM) Vulnerabilities (USN-5978-1)"},{"cve":"CVE-2022-2196","qid":"199255","title":"Ubuntu Security Notification for Linux kernel (OEM) Vulnerabilities (USN-5976-1)"},{"cve":"CVE-2022-2196","qid":"199256","title":"Ubuntu Security Notification for Linux kernel (OEM) Vulnerabilities (USN-5977-1)"},{"cve":"CVE-2022-2196","qid":"199258","title":"Ubuntu Security Notification for Linux kernel (HWE) Vulnerabilities (USN-5979-1)"},{"cve":"CVE-2022-2196","qid":"199259","title":"Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5980-1)"},{"cve":"CVE-2022-2196","qid":"199260","title":"Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5982-1)"},{"cve":"CVE-2022-2196","qid":"199264","title":"Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5985-1)"},{"cve":"CVE-2022-2196","qid":"199265","title":"Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5987-1)"},{"cve":"CVE-2022-2196","qid":"199280","title":"Ubuntu Security Notification for Linux kernel (Intel IoTG) Vulnerabilities (USN-6004-1)"},{"cve":"CVE-2022-2196","qid":"199289","title":"Ubuntu Security Notification for Linux kernel (BlueField) Vulnerabilities (USN-6020-1)"},{"cve":"CVE-2022-2196","qid":"199405","title":"Ubuntu Security Notification for Linux kernel (Xilinx ZynqMP) Vulnerabilities (USN-6151-1)"},{"cve":"CVE-2022-2196","qid":"241417","title":"Red Hat Update for kernel security (RHSA-2023:2458)"},{"cve":"CVE-2022-2196","qid":"241468","title":"Red Hat Update for kernel-rt (RHSA-2023:2148)"},{"cve":"CVE-2022-2196","qid":"241504","title":"Red Hat Update for kernel security (RHSA-2023:2951)"},{"cve":"CVE-2022-2196","qid":"241527","title":"Red Hat Update for kernel-rt (RHSA-2023:2736)"},{"cve":"CVE-2022-2196","qid":"242941","title":"Red Hat Update for kernel (RHSA-2024:0930)"},{"cve":"CVE-2022-2196","qid":"283611","title":"Fedora Security Update for kernel (FEDORA-2023-f4f9182dc8)"},{"cve":"CVE-2022-2196","qid":"283612","title":"Fedora Security Update for kernel (FEDORA-2023-3fd7349f60)"},{"cve":"CVE-2022-2196","qid":"354820","title":"Amazon Linux Security Advisory for kernel : ALAS2KERNEL-5.4-2023-043"},{"cve":"CVE-2022-2196","qid":"354822","title":"Amazon Linux Security Advisory for kernel : ALAS2KERNEL-5.15-2023-015"},{"cve":"CVE-2022-2196","qid":"354837","title":"Amazon Linux Security Advisory for kernel : ALAS2KERNEL-5.10-2023-028"},{"cve":"CVE-2022-2196","qid":"355255","title":"Amazon Linux Security Advisory for kernel : ALAS-2023-127"},{"cve":"CVE-2022-2196","qid":"355287","title":"Amazon Linux Security Advisory for kernel : ALAS-2023-127"},{"cve":"CVE-2022-2196","qid":"355294","title":"Amazon Linux Security Advisory for kernel : ALAS-2023-127"},{"cve":"CVE-2022-2196","qid":"355295","title":"Amazon Linux Security Advisory for kernel : ALAS-2023-127"},{"cve":"CVE-2022-2196","qid":"355300","title":"Amazon Linux Security Advisory for kernel : ALAS-2023-127"},{"cve":"CVE-2022-2196","qid":"355303","title":"Amazon Linux Security Advisory for kernel : ALAS-2023-127"},{"cve":"CVE-2022-2196","qid":"355309","title":"Amazon Linux Security Advisory for kernel : ALAS-2023-127"},{"cve":"CVE-2022-2196","qid":"355312","title":"Amazon Linux Security Advisory for kernel : ALAS2023-2023-127"},{"cve":"CVE-2022-2196","qid":"378468","title":"Alibaba Cloud Linux Security Update for cloud-kernel (ALINUX3-SA-20230042)"},{"cve":"CVE-2022-2196","qid":"378512","title":"Alibaba Cloud Linux Security Update for cloud-kernel (ALINUX3-SA-2023:0042)"},{"cve":"CVE-2022-2196","qid":"6140320","title":"AWS Bottlerocket Security Update for kernel (GHSA-m593-23x6-9vp9)"},{"cve":"CVE-2022-2196","qid":"672914","title":"EulerOS Security Update for kernel (EulerOS-SA-2023-1781)"},{"cve":"CVE-2022-2196","qid":"672951","title":"EulerOS Security Update for kernel (EulerOS-SA-2023-1759)"},{"cve":"CVE-2022-2196","qid":"753981","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:2146-1)"},{"cve":"CVE-2022-2196","qid":"753982","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:2148-1)"},{"cve":"CVE-2022-2196","qid":"755851","title":"SUSE Enterprise Linux Security Update for the linux kernel (SUSE-SU-2023:2646-1)"},{"cve":"CVE-2022-2196","qid":"905181","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (12947)"},{"cve":"CVE-2022-2196","qid":"905221","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (12951)"},{"cve":"CVE-2022-2196","qid":"906557","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (12947-1)"},{"cve":"CVE-2022-2196","qid":"906600","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (12947-3)"},{"cve":"CVE-2022-2196","qid":"906653","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (12951-3)"},{"cve":"CVE-2022-2196","qid":"906774","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (12947-5)"},{"cve":"CVE-2022-2196","qid":"941023","title":"AlmaLinux Security Update for kernel (ALSA-2023:2458)"},{"cve":"CVE-2022-2196","qid":"941061","title":"AlmaLinux Security Update for kernel-rt (ALSA-2023:2148)"},{"cve":"CVE-2022-2196","qid":"941096","title":"AlmaLinux Security Update for kernel (ALSA-2023:2951)"},{"cve":"CVE-2022-2196","qid":"941114","title":"AlmaLinux Security Update for kernel-rt (ALSA-2023:2736)"}]},"source_records":{"cve_program":{"data_version":"4.0","data_type":"CVE","data_format":"MITRE","CVE_data_meta":{"ID":"CVE-2022-2196","ASSIGNER":"security@google.com","STATE":"PUBLIC"},"description":{"description_data":[{"lang":"eng","value":"A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM (L0) advertising eIBRS support to L1. An attacker at L2 with code execution can execute code on an indirect branch on the host machine. We recommend upgrading to Kernel 6.2 or past commit 2e7eab81425a\n"}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-1188 Insecure Default Initialization of Resource","cweId":"CWE-1188"}]}]},"affects":{"vendor":{"vendor_data":[{"vendor_name":"Linux","product":{"product_data":[{"product_name":"Linux Kernel","version":{"version_data":[{"version_affected":"<","version_name":"0","version_value":"2e7eab81425a"}]}}]}}]}},"references":{"reference_data":[{"url":"https://kernel.dance/#2e7eab81425a","refsource":"MISC","name":"https://kernel.dance/#2e7eab81425a"},{"url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2e7eab81425ad6c875f2ed47c0ce01e78afc38a5","refsource":"MISC","name":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2e7eab81425ad6c875f2ed47c0ce01e78afc38a5"},{"url":"https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html","refsource":"MISC","name":"https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html"}]},"generator":{"engine":"Vulnogram 0.1.0-dev"},"source":{"discovery":"INTERNAL"},"impact":{"cvss":[{"attackComplexity":"HIGH","attackVector":"LOCAL","availabilityImpact":"LOW","baseScore":5.8,"baseSeverity":"MEDIUM","confidentialityImpact":"LOW","integrityImpact":"HIGH","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:L","version":"3.1"}]}},"nvd":{"publishedDate":"2023-01-09 11:15:00","lastModifiedDate":"2023-08-18 18:56:00","problem_types":["CWE-1188"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH"},"exploitabilityScore":2,"impactScore":6}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.14","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.96","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.7.3","versionEndExcluding":"5.10.170","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.6.19","versionEndExcluding":"5.7","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.4.47","versionEndExcluding":"5.4.233","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}