Lucene search

K

China National Vulnerability DatabaseCNVD-2022-69199

HistoryDec 24, 2021 - 12:00 a.m.

Linux Kernel kvm_dirty_ring_get() function denial of service vulnerability

2021-12-2400:00:00

China National Vulnerability Database

www.cnvd.org.cn

10

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

1.9 Low

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:N/I:N/A:P

Linux kernel is the kernel used by the Linux Foundation’s open source operating system Linux. Linux Kernel kvm_dirty_ring_get() suffers from a function denial of service vulnerability, which is caused by the kvm_dirty_ring() function in virt/kvm/dirty_ring.c without creating a vCPU. dirty_ring() function in virt/kvm/dirty_ring.c suffers from a NULL pointer dereference vulnerability if the vCPU is not created. A locally authenticated attacker can exploit this vulnerability to cause a denial-of-service condition.

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

1.9 Low

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:N/I:N/A:P

Related for CNVD-2022-69199

cbl_mariner2 prion1 cve1 ubuntucve1 debiancve1 redhatcve1 fedora6 openvas6 oraclelinux2 nessus2