Wind River Support Network

HomeDefectsLIN1021-3820
Fixed

LIN1021-3820 : Security Advisory - linux - CVE-2022-2153

Created: Jun 22, 2022    Updated: Sep 19, 2022
Resolved Date: Sep 19, 2022
Found In Version: 10.21.20.1
Fix Version: 10.21.20.13
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Kernel

Description

A flaw was found in the Linux kernel’s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service.

https://nvd.nist.gov/vuln/detail/CVE-2022-2153

CVEs


Live chat
Online