CVE-2022-39189

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2022-39189
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-39189.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-39189
Aliases
Downstream
Related
Published
2022-09-02T05:15:07.693Z
Modified
2026-03-14T14:50:41.952617Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

An issue was discovered the x86 KVM subsystem in the Linux kernel before 5.18.17. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVMVCPUPREEMPTED situations.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
6cd88243c7e03845a450795e134b488fc2afb736
Type
GIT
Repo
https://github.com/torvalds/linux
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
6cd88243c7e03845a450795e134b488fc2afb736
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
6cd88243c7e03845a450795e134b488fc2afb736
Type
GIT
Repo
https://github.com/torvalds/linux
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
6cd88243c7e03845a450795e134b488fc2afb736

Database specific

unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "4.16"
            },
            {
                "fixed": "5.4.244"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "5.5.0"
            },
            {
                "fixed": "5.10.180"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "5.11"
            },
            {
                "fixed": "5.15.60"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "5.16"
            },
            {
                "fixed": "5.18.17"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "h300s"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "h410c"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "h410s"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "h500s"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "h700s"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "fixed": "5.18.17"
            }
        ]
    }
]
source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-39189.json"