GoogleCVELIST:CVE-2022-2196CVE-2022-2196 Speculative execution attacks in KVM VMX
5.8 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:L
9 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.8%
A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks.Β L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesnβt need retpolines or IBPBΒ after running L2 due to KVM (L0) advertising eIBRS support to L1. An attacker at L2 with code execution can execute code on an indirect branch on the host machine. We recommend upgrading to Kernel 6.2 or past commitΒ 2e7eab81425a
CNA Affected
[
{
"defaultStatus": "unaffected",
"packageName": "KVM",
"product": "Linux Kernel",
"repo": "https://git.kernel.org/",
"vendor": "Linux",
"versions": [
{
"lessThan": "2e7eab81425a",
"status": "affected",
"version": "0",
"versionType": "git"
},
{
"lessThan": "6.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
]Related
5.8 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:L
9 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.8%