Lucene search

K
nvd[email protected]NVD:CVE-2019-7222
HistoryMar 21, 2019 - 4:01 p.m.

CVE-2019-7222

2019-03-2116:01:11
web.nvd.nist.gov

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

6.3

Confidence

High

EPSS

0.001

Percentile

26.0%

The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak.

Affected configurations

NVD
Node
linuxlinux_kernelRange4.20.5
Node
fedoraprojectfedoraMatch28
OR
fedoraprojectfedoraMatch29
Node
opensuseleapMatch15.0
Node
debiandebian_linuxMatch8.0
Node
canonicalubuntu_linuxMatch12.04esm
OR
canonicalubuntu_linuxMatch14.04lts
OR
canonicalubuntu_linuxMatch16.04lts
OR
canonicalubuntu_linuxMatch18.04lts
OR
canonicalubuntu_linuxMatch18.10
Node
netappactive_iq_performance_analytics_servicesMatch-
OR
netappelement_software_management_nodeMatch-
Node
redhatenterprise_linuxMatch8.0
OR
redhatenterprise_linux_desktopMatch7.0
OR
redhatenterprise_linux_eusMatch8.1
OR
redhatenterprise_linux_eusMatch8.2
OR
redhatenterprise_linux_eusMatch8.4
OR
redhatenterprise_linux_eusMatch8.6
OR
redhatenterprise_linux_for_real_timeMatch7
OR
redhatenterprise_linux_for_real_timeMatch8
OR
redhatenterprise_linux_for_real_time_for_nfvMatch7
OR
redhatenterprise_linux_for_real_time_for_nfv_tusMatch8.2
OR
redhatenterprise_linux_for_real_time_for_nfv_tusMatch8.4
OR
redhatenterprise_linux_for_real_time_for_nfv_tusMatch8.6
OR
redhatenterprise_linux_for_real_time_tusMatch8.2
OR
redhatenterprise_linux_for_real_time_tusMatch8.4
OR
redhatenterprise_linux_for_real_time_tusMatch8.6
OR
redhatenterprise_linux_serverMatch7.0
OR
redhatenterprise_linux_server_ausMatch8.2
OR
redhatenterprise_linux_server_ausMatch8.4
OR
redhatenterprise_linux_server_ausMatch8.6
OR
redhatenterprise_linux_server_tusMatch8.2
OR
redhatenterprise_linux_server_tusMatch8.4
OR
redhatenterprise_linux_server_tusMatch8.6
OR
redhatenterprise_linux_workstationMatch7.0

References

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

6.3

Confidence

High

EPSS

0.001

Percentile

26.0%