Wind River Support Network


LIN1019-8120 : Security Advisory - linux - CVE-2022-1158

Created: Apr 9, 2022    Updated: Aug 7, 2022
Resolved Date: Jun 8, 2022
Found In Version:
Severity: Standard
Applicable for: Wind River Linux LTS 19
Component/s: Kernel


A flaw was found in KVM. When updating a guest's page table entry, vm_pgoff was improperly used as the offset to get the page's pfn. As vaddr and vm_pgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace region and potentially corrupt the kernel, resulting in a denial of service condition.


Live chat