CVE-2022-1158
CVSS v3.1
7.8 (High)
EPSS
0.04 % (5th)
Affected Products
3
Advisories
30
A flaw was found in KVM. When updating a guest's page table entry, vm_pgoff was improperly used as the offset to get the page's pfn. As vaddr and vm_pgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace region and potentially corrupt the kernel, resulting in a denial of service condition.
Weaknesses
- CWE-416
- Use After Free
- CVE Status
- PUBLISHED
- CNA
- Red Hat, Inc.
- Published Date
-
2022-08-05 17:15:08
(2 years ago) - Updated Date
-
2023-04-11 18:14:00
(17 months ago)
Affected Products
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Configuration #3
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...