CVE-2022-48764 KVM: x86: Free kvm_cpuid_entry2 array on post-KVM_RUN KVM_SET_CPUID{,2}

🗓️ 20 Jun 2024 11:13:41Reported by GoogleType

osv🔗 osv.dev👁 12 Views

In Linux kernel, CVE-2022-48764 fixes memory leak in KVM: x86: Free kvm_cpuid_entry2 array on post-KVM_RUN KVM_SET_CPUID{,2

Reporter	Title	Published	Views	Family All 17
AstraLinux	Astra Linux - уязвимость в linux-5.10	20 May 202605:53	–	astralinux
BDU FSTEC	The vulnerability of the kvm_set_cpuid function in the include/linux/slab.h library of the KVM virtualization subsystem in the Linux operating system allows a hacker to induce a service failure.	16 Sep 202400:00	–	bdu_fstec
BDU FSTEC	The vulnerability of the kvm_set_cpuid() function in the arch/x86/kvm/cpuid.c module of the virtualization subsystem on the Linux kernel-based x86 platform allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.	25 Mar 202500:00	–	bdu_fstec
CNNVD	Linux kernel security vulnerabilities	20 Jun 202400:00	–	cnnvd
CVE	CVE-2022-48764	20 Jun 202411:13	–	cve
Cvelist	CVE-2022-48764 KVM: x86: Free kvm_cpuid_entry2 array on post-KVM_RUN KVM_SET_CPUID{,2}	20 Jun 202411:13	–	cvelist
Debian CVE	CVE-2022-48764	20 Jun 202411:13	–	debiancve
NVD	CVE-2022-48764	20 Jun 202412:15	–	nvd
OSV	DEBIAN-CVE-2022-48764	20 Jun 202412:15	–	osv
OSV	UBUNTU-CVE-2022-48764	20 Jun 202412:15	–	osv

Source	Link
git	www.git.kernel.org/stable/c/811f95ff95270e6048197821434d9301e3d7f07c
git	www.git.kernel.org/stable/c/b9ee734a14bb685b2088f2176d82b34cb4e30dbc
github	www.github.com/CVEProject/cvelistV5/tree/main/cves/2022/48xxx/CVE-2022-48764.json
nvd	www.nvd.nist.gov/vuln/detail/CVE-2022-48764
git	www.git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

02 Apr 2026 08:26Current

4.9Medium risk

Vulners AI Score4.9

CVSS 3.15.3

EPSS0.0003