Lucene search
Ubuntu.comUB:CVE-2022-2938HistoryAug 23, 2022 - 12:00 a.m.
CVE-2022-2938
2022-08-2300:00:00
ubuntu.com
ubuntu.com
21
cve-2022-2938
linux kernel
psi
memory corruption
system crash
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
12.6%
A flaw was found in the Linux kernel’s implementation of Pressure Stall
Information. While the feature is disabled by default, it could allow an
attacker to crash the system or have other memory-corruption side effects.
Notes
| Author | Note |
|---|---|
| sbeattie | on s390x/focal and newer, CONFIG_PSI_DEFAULT_DISABLED is set (see LP: #1876044), so requires a boot command line argument; other arches have it enabled. |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 20.04 | noarch | linux | < 5.4.0-109.123 | UNKNOWN |
| ubuntu | 20.04 | noarch | linux-aws | < 5.4.0-1072.77 | UNKNOWN |
| ubuntu | 18.04 | noarch | linux-aws-5.4 | < 5.4.0-1072.77~18.04.1 | UNKNOWN |
| ubuntu | 20.04 | noarch | linux-azure | < 5.4.0-1077.80 | UNKNOWN |
| ubuntu | 18.04 | noarch | linux-azure-5.4 | < 5.4.0-1077.80~18.04.1 | UNKNOWN |
| ubuntu | 20.04 | noarch | linux-azure-fde | < 5.4.0-1077.80 | UNKNOWN |
| ubuntu | 20.04 | noarch | linux-bluefield | < 5.4.0-1035.38 | UNKNOWN |
| ubuntu | 20.04 | noarch | linux-gcp | < 5.4.0-1072.77 | UNKNOWN |
| ubuntu | 18.04 | noarch | linux-gcp-5.4 | < 5.4.0-1072.77~18.04.1 | UNKNOWN |
| ubuntu | 20.04 | noarch | linux-gke | < 5.4.0-1068.71 | UNKNOWN |
Related
cve
cve
CVE-2022-2938
2022-08-23 20:15:08
veracode
veracode
Use-after-free
2023-02-03 23:02:04
debiancve
debiancve
CVE-2022-2938
2022-08-23 20:15:08
prion
prion
Memory corruption
2022-08-23 20:15:00
redhatcve
redhatcve
CVE-2022-2938
2022-08-22 14:09:19
cbl_mariner
cbl_mariner
CVE-2022-2938 affecting package kernel for versions less than 5.15.67.1-4
2022-10-05 23:34:27
CVE-2022-2938 affecting package kernel 5.10.131.1-1
2022-09-17 05:57:05
cvelist
cvelist
CVE-2022-2938
2022-08-23 00:00:00
nvd
nvd
CVE-2022-2938
2022-08-23 20:15:08
nessus
nessus
RHEL 8 : kernel (RHSA-2024:1188)
2024-03-06 00:00:00
EulerOS 2.0 SP10 : kernel (EulerOS-SA-2022-2848)
2022-12-21 00:00:00
EulerOS Virtualization 2.10.0 : kernel (EulerOS-SA-2023-1168)
2023-01-10 00:00:00
redhat
redhat
ibm
ibm
openvas
openvas
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2022-2848)
2022-12-22 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-1168)
2023-01-12 00:00:00
openSUSE: Security Advisory for the (SUSE-SU-2022:3293-1)
2022-09-17 00:00:00
suse
suse
Security update for the Linux Kernel (important)
2022-09-16 00:00:00
Security update for the Linux Kernel (important)
2022-09-16 00:00:00
rocky
rocky
kernel-rt security and bug fix update
2022-11-08 06:19:55
kernel security, bug fix, and enhancement update
2022-11-08 06:26:19
osv
osv
Moderate: kernel-rt security and bug fix update
2022-11-08 00:00:00
Moderate: kernel-rt security and bug fix update
2022-11-08 06:19:55
Moderate: kernel security, bug fix, and enhancement update
2022-11-08 06:26:19
almalinux
almalinux
Moderate: kernel-rt security and bug fix update
2022-11-08 00:00:00
Moderate: kernel security, bug fix, and enhancement update
2022-11-08 00:00:00
oraclelinux
oraclelinux
kernel security, bug fix, and enhancement update
2022-11-15 00:00:00
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
12.6%
Related for UB:CVE-2022-2938