CVE-2022-39189
An issue was discovered the x86 KVM subsystem in the Linux kernel before 5.18.17. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED situations.
| Software | From | Fixed in |
|---|---|---|
| linux / linux_kernel | 5.16 | 5.18.17 |
| linux / linux_kernel | 5.11 | 5.15.60 |
| linux / linux_kernel | 5.5.0 | 5.10.180 |
| linux / linux_kernel | 4.16 | 5.4.244 |
| netapp / hci_baseboard_management_controller | h300s | h300s.x |
| netapp / hci_baseboard_management_controller | h500s | h500s.x |
| netapp / hci_baseboard_management_controller | h700s | h700s.x |
| netapp / hci_baseboard_management_controller | h410s | h410s.x |
| netapp / hci_baseboard_management_controller | h410c | h410c.x |
- https://bugs.chromium.org/p/project-zero/issues/detail?id=2309
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.18.17
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6cd88243c7e03845a450795e134b488fc2afb736
- https://github.com/torvalds/linux/commit/6cd88243c7e03845a450795e134b488fc2afb736
- https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html
- https://security.netapp.com/advisory/ntap-20230214-0007/
- https://www.debian.org/security/2023/dsa-5480
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime