CVE Vulnerability

CVE-2022-45869

A race condition in the x86 KVM subsystem in the Linux kernel through 6.1-rc6 allows guest OS users to cause a denial of service (host OS crash or host OS memory corruption) when nested virtualisation and the TDP MMU are enabled.

5.5 /10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=47b0c2e4c220f2251fd8dcfbb44479819c715e15 Exploit Patch
Configurations

Configuration 1

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:a:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*
cpe:2.3:a:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*
cpe:2.3:a:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*
cpe:2.3:a:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*
cpe:2.3:a:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*
cpe:2.3:a:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*
Information

Published : 2022-11-30 05:15

Updated : 2022-12-05 08:23

NVD link : CVE-2022-45869

Mitre link : CVE-2022-45869

Products Affected
No products.
CWE
CWE-362