1. Home
  2. Vulnerabilities
  3. CVE-2022-1651

CVE-2022-1651

CVSS v3.1 7.1 (High)
71% Progress
EPSS 0.04 % (5th)
0.04% Progress
Affected Products 1
Advisories 4
Info CVSS EPSS Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

A memory leak flaw was found in the Linux kernel in acrn_dev_ioctl in the drivers/virt/acrn/hsm.c function in how the ACRN Device Model emulates virtual NICs in VM. This flaw allows a local privileged attacker to leak unauthorized kernel information, causing a denial of service.

Weaknesses
CWE-401
Missing Release of Memory after Effective Lifetime
CVE Status
PUBLISHED
CNA
Red Hat, Inc.
Published Date
2022-07-26 17:15:08
(2 years ago)
Updated Date
2023-08-04 17:52:41
(13 months ago)

Affected Products

Linux

Configuration #1

    CPE23 From Up To
  Linux Kernel from 5.12 version and prior 5.15.33 version cpe:2.3:o:linux:linux_kernel >= 5.12 < 5.15.33
  Linux Kernel from 5.16 version and prior 5.16.19 version cpe:2.3:o:linux:linux_kernel >= 5.16 < 5.16.19
  Linux Kernel from 5.17 version and prior 5.17.2 version cpe:2.3:o:linux:linux_kernel >= 5.17 < 5.17.2