UBUNTU-CVE-2022-0171
Vulnerability Summary
Timeline
Description
A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization (SEV).
CVSS Metrics
- v3.1•MEDIUM•Score: 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Systems
- ubuntu•linux
< 5.15.0-57.63
- ubuntu•linux-aws
< 5.15.0-1027.31
- ubuntu•linux-aws-5.0
all
- ubuntu•linux-aws-5.11
all
- ubuntu•linux-aws-5.13
all
- ubuntu•linux-aws-5.15
< 5.15.0-1027.31~20.04.1
- ubuntu•linux-aws-5.3
all
- ubuntu•linux-aws-5.8
all
- ubuntu•linux-azure
all | < 5.15.0-1030.37
- ubuntu•linux-azure-5.11
all
- ubuntu•linux-azure-5.13
all
- ubuntu•linux-azure-5.15
< 5.15.0-1030.37~20.04.1
- ubuntu•linux-azure-5.3
all
- ubuntu•linux-azure-5.8
all
- ubuntu•linux-azure-edge
all
- ubuntu•linux-azure-fde
< 5.15.0-1030.37.1
- ubuntu•linux-azure-fde-5.15
< 5.15.0-1030.37~20.04.1.1
- ubuntu•linux-gcp
all | < 5.15.0-1026.33
- ubuntu•linux-gcp-5.11
all
- ubuntu•linux-gcp-5.13
all
- ubuntu•linux-gcp-5.15
< 5.15.0-1027.34~20.04.1
- ubuntu•linux-gcp-5.3
all
- ubuntu•linux-gcp-5.8
all
- ubuntu•linux-gke
< 5.15.0-1024.29
- ubuntu•linux-gke-4.15
all
- ubuntu•linux-gke-5.15
< 5.15.0-1027.32~20.04.1
- ubuntu•linux-gkeop
< 5.15.0-1012.16
- ubuntu•linux-gkeop-5.15
< 5.15.0-1012.16~20.04.1
- ubuntu•linux-hwe
all
- ubuntu•linux-hwe-5.11
all
- ubuntu•linux-hwe-5.13
all
- ubuntu•linux-hwe-5.15
< 5.15.0-57.63~20.04.1
- ubuntu•linux-hwe-5.8
all
- ubuntu•linux-hwe-edge
all
- ubuntu•linux-ibm
< 5.15.0-1022.25
- ubuntu•linux-intel-5.13
all
- ubuntu•linux-intel-iot-realtime
all
- ubuntu•linux-intel-iotg
< 5.15.0-1023.28
- ubuntu•linux-intel-iotg-5.15
< 5.15.0-1023.28~20.04.1
- ubuntu•linux-kvm
< 5.15.0-1025.30
- ubuntu•linux-lowlatency
< 5.15.0-57.63
- ubuntu•linux-lowlatency-hwe-5.15
< 5.15.0-58.64~20.04.1
- ubuntu•linux-nvidia
< 5.15.0-1015.15
- ubuntu•linux-oem
all
- ubuntu•linux-oem-5.10
all
- ubuntu•linux-oem-5.13
all
- ubuntu•linux-oem-5.14
all
- ubuntu•linux-oem-5.17
all
- ubuntu•linux-oem-5.6
all
- ubuntu•linux-oracle
< 5.15.0-1026.32
Showing first 50 affected entries in server-rendered view.
References (6)
- https://ubuntu.com/security/CVE-2022-0171
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=683412ccf61294d727ead4a73d97397396e69a6b
- https://ubuntu.com/security/notices/USN-5792-1
- https://ubuntu.com/security/notices/USN-5792-2
- https://ubuntu.com/security/notices/USN-5877-1
- https://www.cve.org/CVERecord?id=CVE-2022-0171