Lucene search

K
ubuntucveUbuntu.comUB:CVE-2022-1158
HistoryApr 07, 2022 - 12:00 a.m.

CVE-2022-1158

2022-04-0700:00:00
ubuntu.com
ubuntu.com
15

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0

Percentile

5.1%

A flaw was found in KVM. When updating a guest’s page table entry, vm_pgoff
was improperly used as the offset to get the page’s pfn. As vaddr and
vm_pgoff are controllable by user-mode processes, this flaw allows
unprivileged local users on the host to write outside the userspace region
and potentially corrupt the kernel, resulting in a denial of service
condition.

OSVersionArchitecturePackageVersionFilename
ubuntu20.04noarchlinux< 5.4.0-117.132UNKNOWN
ubuntu21.10noarchlinux< 5.13.0-48.54UNKNOWN
ubuntu22.04noarchlinux< 5.15.0-35.36UNKNOWN
ubuntu20.04noarchlinux-aws< 5.4.0-1078.84UNKNOWN
ubuntu21.10noarchlinux-aws< 5.13.0-1028.31UNKNOWN
ubuntu22.04noarchlinux-aws< 5.15.0-1009.11UNKNOWN
ubuntu20.04noarchlinux-aws-5.13< 5.13.0-1028.31~20.04.1UNKNOWN
ubuntu18.04noarchlinux-aws-5.4< 5.4.0-1078.84~18.04.1UNKNOWN
ubuntu20.04noarchlinux-azure< 5.4.0-1083.87UNKNOWN
ubuntu21.10noarchlinux-azure< 5.13.0-1028.33UNKNOWN
Rows per page:
1-10 of 531

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0

Percentile

5.1%