CVE-2022-2196

Advisory lineage Upstream: 0 Downstream: 29

Downstream

DEBIAN-CVE-2022-2196 DLA-3404-1 MGASA-2023-0087 MGASA-2023-0088 RHSA-2023:2148 RHSA-2023:2458

Modified

Published: 09 Jan 2023, 10:59

Last modified:13 Feb 2025, 16:28

Vulnerability Summary

Overall Risk (default)

medium

35/100

CVSS Score

8.8 HIGH

v3.1 (nvd)

EPSS Score

0.03% LOW

0% probability 0.00%

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

09 Jan 2023, 10:59

Published

Vulnerability first disclosed

13 Feb 2025, 16:28

Last Modified

Vulnerability information updated

Description

A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM (L0) advertising eIBRS support to L1. An attacker at L2 with code execution can execute code on an indirect branch on the host machine. We recommend upgrading to Kernel 6.2 or past commit 2e7eab81425a

CVSS Metrics

v3.1•MEDIUM•Score: 5.8CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:L
v3.1•HIGH•Score: 8.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

EPSS Trends

Current EPSS score: 0.03%• Percentile: 10%

Techniques & Countermeasures

CWE-1188•Initialization of a Resource with an Insecure Default
The product initializes or sets a resource with a default that is intended to be changed by the product's installer, administrator, or maintainer, but the default is not secure.

Affected Systems

debian•debian_linux
10.0
linux•linux_kernel
< 2e7eab81425a | < 6.2 | ≥ 5.4.47, < 5.4.233 | ≥ 5.6.19, < 5.7 | ≥ 5.7.3, < 5.10.170 | ≥ 5.11, < 5.15.96 | ≥ 5.16, < 6.1.14