{"api_version":"1","generated_at":"2026-04-22T20:19:33+00:00","cve":"CVE-2022-4139","urls":{"html":"https://cve.report/CVE-2022-4139","api":"https://cve.report/api/cve/CVE-2022-4139.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2022-4139","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2022-4139"},"summary":{"title":"CVE-2022-4139","description":"An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system.","state":"PUBLIC","assigner":"secalert@redhat.com","published_at":"2023-01-27 18:15:00","updated_at":"2023-05-12 13:28:00"},"problem_types":["CWE-401"],"metrics":[],"references":[{"url":"https://security.netapp.com/advisory/ntap-20230309-0004/","name":"https://security.netapp.com/advisory/ntap-20230309-0004/","refsource":"CONFIRM","tags":[],"title":"CVE-2022-4139 Linux Kernel Vulnerability in NetApp Products | NetApp Product Security","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2147572","name":"https://bugzilla.redhat.com/show_bug.cgi?id=2147572","refsource":"MISC","tags":[],"title":"2147572 – (CVE-2022-4139) CVE-2022-4139 kernel: i915: Incorrect GPU TLB flush can lead to random memory access","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.openwall.com/lists/oss-security/2022/11/30/1","name":"https://www.openwall.com/lists/oss-security/2022/11/30/1","refsource":"MISC","tags":[],"title":"oss-security - Security sensitive bug in the i915 kernel driver (CVE-2022-4139)","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2022-4139","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-4139","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2022","cve_id":"4139","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"4139","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"6.1","cpe7":"-","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"4139","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"6.1","cpe7":"rc1","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"4139","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"6.1","cpe7":"rc2","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"4139","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"6.1","cpe7":"rc3","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"4139","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"6.1","cpe7":"rc4","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"4139","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"6.1","cpe7":"rc5","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"4139","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"6.1","cpe7":"rc6","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2022-4139","qid":"160392","title":"Oracle Enterprise Linux Security Update for kernel (ELSA-2023-0101)"},{"cve":"CVE-2022-4139","qid":"160423","title":"Oracle Enterprise Linux Security Update for kernel (ELSA-2023-0334)"},{"cve":"CVE-2022-4139","qid":"160457","title":"Oracle Enterprise Linux Security Update for unbreakable enterprise kernel-container (ELSA-2023-12121)"},{"cve":"CVE-2022-4139","qid":"160459","title":"Oracle Enterprise Linux Security Update for unbreakable enterprise kernel (ELSA-2023-12116)"},{"cve":"CVE-2022-4139","qid":"160460","title":"Oracle Enterprise Linux Security Update for unbreakable enterprise kernel-container (ELSA-2023-12120)"},{"cve":"CVE-2022-4139","qid":"160462","title":"Oracle Enterprise Linux Security Update for unbreakable enterprise kernel (ELSA-2023-12119)"},{"cve":"CVE-2022-4139","qid":"181371","title":"Debian Security Update for linux (CVE-2022-4139)"},{"cve":"CVE-2022-4139","qid":"181440","title":"Debian Security Update for linux-5.10 (DLA 3244-1)"},{"cve":"CVE-2022-4139","qid":"199156","title":"Ubuntu Security Notification for Linux kernel (OEM) Vulnerabilities (USN-5859-1)"},{"cve":"CVE-2022-4139","qid":"199209","title":"Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5912-1)"},{"cve":"CVE-2022-4139","qid":"199211","title":"Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5911-1)"},{"cve":"CVE-2022-4139","qid":"199212","title":"Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5917-1)"},{"cve":"CVE-2022-4139","qid":"199220","title":"Ubuntu Security Notification for Linux kernel (Raspberry Pi) Vulnerabilities (USN-5929-1)"},{"cve":"CVE-2022-4139","qid":"199223","title":"Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5935-1)"},{"cve":"CVE-2022-4139","qid":"199224","title":"Ubuntu Security Notification for Linux kernel (Raspberry Pi) Vulnerabilities (USN-5934-1)"},{"cve":"CVE-2022-4139","qid":"199226","title":"Ubuntu Security Notification for Linux kernel (GCP) Vulnerabilities (USN-5939-1)"},{"cve":"CVE-2022-4139","qid":"199227","title":"Ubuntu Security Notification for Linux kernel (GKE) Vulnerabilities (USN-5938-1)"},{"cve":"CVE-2022-4139","qid":"199229","title":"Ubuntu Security Notification for Linux kernel (KVM) Vulnerabilities (USN-5941-1)"},{"cve":"CVE-2022-4139","qid":"199230","title":"Ubuntu Security Notification for Linux kernel (Raspberry Pi) Vulnerabilities (USN-5940-1)"},{"cve":"CVE-2022-4139","qid":"199238","title":"Ubuntu Security Notification for Linux kernel (KVM) Vulnerabilities (USN-5950-1)"},{"cve":"CVE-2022-4139","qid":"199239","title":"Ubuntu Security Notification for Linux kernel (IBM) Vulnerabilities (USN-5951-1)"},{"cve":"CVE-2022-4139","qid":"199243","title":"Ubuntu Security Notification for Linux kernel (Intel IoTG) Vulnerabilities (USN-5962-1)"},{"cve":"CVE-2022-4139","qid":"199276","title":"Ubuntu Security Notification for Linux kernel (BlueField) Vulnerabilities (USN-6000-1)"},{"cve":"CVE-2022-4139","qid":"199352","title":"Ubuntu Security Notification for Linux kernel (OEM) Vulnerability (USN-6089-1)"},{"cve":"CVE-2022-4139","qid":"199380","title":"Ubuntu Security Notification for Linux kernel (OEM) Vulnerabilities (USN-6124-1)"},{"cve":"CVE-2022-4139","qid":"241047","title":"Red Hat Update for kpatch-patch (RHSA-2023:0123)"},{"cve":"CVE-2022-4139","qid":"241049","title":"Red Hat Update for kernel (RHSA-2023:0101)"},{"cve":"CVE-2022-4139","qid":"241051","title":"Red Hat Update for kernel-rt (RHSA-2023:0114)"},{"cve":"CVE-2022-4139","qid":"241095","title":"Red Hat Update for kernel (RHSA-2023:0334)"},{"cve":"CVE-2022-4139","qid":"241096","title":"Red Hat Update for kernel-rt (RHSA-2023:0300)"},{"cve":"CVE-2022-4139","qid":"241101","title":"Red Hat Update for kpatch-patch (RHSA-2023:0348)"},{"cve":"CVE-2022-4139","qid":"241127","title":"Red Hat Update for kpatch-patch (RHSA-2023:0441)"},{"cve":"CVE-2022-4139","qid":"241128","title":"Red Hat Update for kernel (RHSA-2023:0440)"},{"cve":"CVE-2022-4139","qid":"241144","title":"Red Hat Update for kpatch-patch (RHSA-2023:0499)"},{"cve":"CVE-2022-4139","qid":"241147","title":"Red Hat Update for kernel (RHSA-2023:0496)"},{"cve":"CVE-2022-4139","qid":"241149","title":"Red Hat Update for kernel (RHSA-2023:0512)"},{"cve":"CVE-2022-4139","qid":"241150","title":"Red Hat Update for kernel-rt (RHSA-2023:0531)"},{"cve":"CVE-2022-4139","qid":"241151","title":"Red Hat Update for kpatch-patch (RHSA-2023:0536)"},{"cve":"CVE-2022-4139","qid":"241152","title":"Red Hat Update for kernel-rt (RHSA-2023:0526)"},{"cve":"CVE-2022-4139","qid":"283382","title":"Fedora Security Update for kernel (FEDORA-2022-24041b1667)"},{"cve":"CVE-2022-4139","qid":"283383","title":"Fedora Security Update for kernel (FEDORA-2022-b36cd53dca)"},{"cve":"CVE-2022-4139","qid":"283390","title":"Fedora Security Update for kernel (FEDORA-2022-e4460c41bc)"},{"cve":"CVE-2022-4139","qid":"355199","title":"Amazon Linux Security Advisory for kernel : ALAS2023-2023-070"},{"cve":"CVE-2022-4139","qid":"378468","title":"Alibaba Cloud Linux Security Update for cloud-kernel (ALINUX3-SA-20230042)"},{"cve":"CVE-2022-4139","qid":"378512","title":"Alibaba Cloud Linux Security Update for cloud-kernel (ALINUX3-SA-2023:0042)"},{"cve":"CVE-2022-4139","qid":"753015","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 23 for SLE 15 SP3) (SUSE-SU-2022:4544-1)"},{"cve":"CVE-2022-4139","qid":"753016","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 24 for SLE 15 SP2) (SUSE-SU-2022:4587-1)"},{"cve":"CVE-2022-4139","qid":"753017","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 4 for SLE 15 SP4) (SUSE-SU-2022:4560-1)"},{"cve":"CVE-2022-4139","qid":"753020","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:4585-1)"},{"cve":"CVE-2022-4139","qid":"753021","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 14 for SLE 15 SP3) (SUSE-SU-2022:4528-1)"},{"cve":"CVE-2022-4139","qid":"753022","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 20 for SLE 15 SP3) (SUSE-SU-2022:4551-1)"},{"cve":"CVE-2022-4139","qid":"753023","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 5 for SLE 15 SP4) (SUSE-SU-2022:4542-1)"},{"cve":"CVE-2022-4139","qid":"753029","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 25 for SLE 15 SP3) (SUSE-SU-2022:4517-1)"},{"cve":"CVE-2022-4139","qid":"753031","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 31 for SLE 15 SP2) (SUSE-SU-2022:4515-1)"},{"cve":"CVE-2022-4139","qid":"753032","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 27 for SLE 15 SP2) (SUSE-SU-2022:4513-1)"},{"cve":"CVE-2022-4139","qid":"753033","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 1 for SLE 15 SP4) (SUSE-SU-2022:4518-1)"},{"cve":"CVE-2022-4139","qid":"753034","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:4504-1)"},{"cve":"CVE-2022-4139","qid":"753035","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 30 for SLE 15 SP2) (SUSE-SU-2022:4534-1)"},{"cve":"CVE-2022-4139","qid":"753037","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 26 for SLE 15 SP2) (SUSE-SU-2022:4580-1)"},{"cve":"CVE-2022-4139","qid":"753040","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 12 for SLE 15 SP3) (SUSE-SU-2022:4562-1)"},{"cve":"CVE-2022-4139","qid":"753041","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 24 for SLE 15 SP3) (SUSE-SU-2022:4516-1)"},{"cve":"CVE-2022-4139","qid":"753043","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 26 for SLE 15 SP3) (SUSE-SU-2022:4572-1)"},{"cve":"CVE-2022-4139","qid":"753044","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 3 for SLE 15 SP4) (SUSE-SU-2022:4559-1)"},{"cve":"CVE-2022-4139","qid":"753045","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:4503-1)"},{"cve":"CVE-2022-4139","qid":"753048","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 18 for SLE 15 SP3) (SUSE-SU-2022:4569-1)"},{"cve":"CVE-2022-4139","qid":"753050","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 22 for SLE 15 SP3) (SUSE-SU-2022:4543-1)"},{"cve":"CVE-2022-4139","qid":"753051","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:4589-1)"},{"cve":"CVE-2022-4139","qid":"753061","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:4616-1)"},{"cve":"CVE-2022-4139","qid":"753062","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:4613-1)"},{"cve":"CVE-2022-4139","qid":"753063","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:4617-1)"},{"cve":"CVE-2022-4139","qid":"905399","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (13243)"},{"cve":"CVE-2022-4139","qid":"905401","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (13247)"},{"cve":"CVE-2022-4139","qid":"905963","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (13243-2)"},{"cve":"CVE-2022-4139","qid":"906306","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (13247-2)"},{"cve":"CVE-2022-4139","qid":"906573","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (13243-4)"},{"cve":"CVE-2022-4139","qid":"906612","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (13247-4)"},{"cve":"CVE-2022-4139","qid":"940879","title":"AlmaLinux Security Update for kernel (ALSA-2023:0101)"},{"cve":"CVE-2022-4139","qid":"940881","title":"AlmaLinux Security Update for kernel-rt (ALSA-2023:0114)"},{"cve":"CVE-2022-4139","qid":"940904","title":"AlmaLinux Security Update for kernel (ALSA-2023:0334)"},{"cve":"CVE-2022-4139","qid":"940910","title":"AlmaLinux Security Update for kernel-rt (ALSA-2023:0300)"},{"cve":"CVE-2022-4139","qid":"960498","title":"Rocky Linux Security Update for kernel (RLSA-2023:0101)"},{"cve":"CVE-2022-4139","qid":"960503","title":"Rocky Linux Security Update for kernel-rt (RLSA-2023:0300)"},{"cve":"CVE-2022-4139","qid":"960509","title":"Rocky Linux Security Update for kernel-rt (RLSA-2023:0114)"},{"cve":"CVE-2022-4139","qid":"960587","title":"Rocky Linux Security Update for kernel (RLSA-2023:0334)"}]},"source_records":{"cve_program":{"data_type":"CVE","data_format":"MITRE","data_version":"4.0","CVE_data_meta":{"ID":"CVE-2022-4139","ASSIGNER":"secalert@redhat.com","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"vendor_name":"n/a","product":{"product_data":[{"product_name":"kernel","version":{"version_data":[{"version_value":"kernel 6.1-rc7"}]}}]}}]}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-281"}]}]},"references":{"reference_data":[{"refsource":"MISC","name":"https://bugzilla.redhat.com/show_bug.cgi?id=2147572","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2147572"},{"refsource":"MISC","name":"https://www.openwall.com/lists/oss-security/2022/11/30/1","url":"https://www.openwall.com/lists/oss-security/2022/11/30/1"},{"refsource":"CONFIRM","name":"https://security.netapp.com/advisory/ntap-20230309-0004/","url":"https://security.netapp.com/advisory/ntap-20230309-0004/"}]},"description":{"description_data":[{"lang":"eng","value":"An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system."}]}},"nvd":{"publishedDate":"2023-01-27 18:15:00","lastModifiedDate":"2023-05-12 13:28:00","problem_types":["CWE-401"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:6.1:-:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.81","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.0.11","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.4","versionEndExcluding":"5.4.226","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.5","versionEndExcluding":"5.10.157","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}