#VU71582 Expected behavior violation in Linux kernel - CVE-2022-3344


Vulnerability identifier: #VU71582

Vulnerability risk: Medium

CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2022-3344

CWE-ID: CWE-440

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an error in the KVM's AMD nested virtualization (SVM). A malicious L1 guest can purposely fail to intercept the shutdown of a cooperative nested guest (L2), possibly leading to a page fault and kernel panic in the host (L0).

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Linux kernel: before 6.1, 6.1

External links
https://lore.kernel.org/lkml/20221020093055.224317-5-mlevitsk@redhat.com/T/
https://bugzilla.redhat.com/show_bug.cgi?id=2130278

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Ubuntu update for linux-intel-iotg
Ubuntu update for linux-kvm
Ubuntu update for linux-kvm
Ubuntu update for linux-gkeop
Ubuntu update for linux-ibm
Ubuntu update for linux-raspi
Ubuntu update for linux
Ubuntu update for linux
Slackware Linux update for kernel
SUSE update for the Linux Kernel