Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2022-0171

A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization (SEV).

Source

Description

A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization (SEV).

Statement

This flaw does not affect the versions of the kernel packages as shipped with Red Hat Enterprise Linux 6 and 7, as they did not include support for SEV. Red Hat Enterprise Linux 8 currently provides SEV as a Technology Preview. Using SEV in a production environment is discouraged. For additional details please see https://access.redhat.com/articles/4491591 and https://access.redhat.com/support/offerings/techpreview.

Additional Information

Bugzilla 2038940: CVE-2022-0171 kernel: KVM: cache incoherence issue in SEV API may lead to kernel crash
CWE-459: Incomplete Cleanup
FAQ: Frequently asked questions about CVE-2022-0171

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

Description

Statement

Additional Information

Vulmon Search

About

Products

Connect