In multiple functions of mem_protect.c, there is a possible way to access hypervisor memory due to a memory access check in the wrong place. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
{ "priority_reason": "Local guest-to-host data theft and potential privilege escalation.", "binaries": [ { "binary_version": "6.2.0-1012.12~22.04.1", "binary_name": "linux-aws-6.2-cloud-tools-6.2.0-1012" }, { "binary_version": "6.2.0-1012.12~22.04.1", "binary_name": "linux-aws-6.2-headers-6.2.0-1012" }, { "binary_version": "6.2.0-1012.12~22.04.1", "binary_name": "linux-aws-6.2-tools-6.2.0-1012" }, { "binary_version": "6.2.0-1012.12~22.04.1", "binary_name": "linux-buildinfo-6.2.0-1012-aws" }, { "binary_version": "6.2.0-1012.12~22.04.1", "binary_name": "linux-cloud-tools-6.2.0-1012-aws" }, { "binary_version": "6.2.0-1012.12~22.04.1", "binary_name": "linux-headers-6.2.0-1012-aws" }, { "binary_version": "6.2.0-1012.12~22.04.1", "binary_name": "linux-image-unsigned-6.2.0-1012-aws" }, { "binary_version": "6.2.0-1012.12~22.04.1", "binary_name": "linux-image-unsigned-6.2.0-1012-aws-dbgsym" }, { "binary_version": "6.2.0-1012.12~22.04.1", "binary_name": "linux-modules-6.2.0-1012-aws" }, { "binary_version": "6.2.0-1012.12~22.04.1", "binary_name": "linux-modules-extra-6.2.0-1012-aws" }, { "binary_version": "6.2.0-1012.12~22.04.1", "binary_name": "linux-tools-6.2.0-1012-aws" } ], "availability": "No subscription required" }
{ "priority_reason": "Local guest-to-host data theft and potential privilege escalation.", "binaries": [ { "binary_version": "6.2.0-1012.12~22.04.1", "binary_name": "linux-azure-6.2-cloud-tools-6.2.0-1012" }, { "binary_version": "6.2.0-1012.12~22.04.1", "binary_name": "linux-azure-6.2-headers-6.2.0-1012" }, { "binary_version": "6.2.0-1012.12~22.04.1", "binary_name": "linux-azure-6.2-tools-6.2.0-1012" }, { "binary_version": "6.2.0-1012.12~22.04.1", "binary_name": "linux-buildinfo-6.2.0-1012-azure" }, { "binary_version": "6.2.0-1012.12~22.04.1", "binary_name": "linux-cloud-tools-6.2.0-1012-azure" }, { "binary_version": "6.2.0-1012.12~22.04.1", "binary_name": "linux-headers-6.2.0-1012-azure" }, { "binary_version": "6.2.0-1012.12~22.04.1", "binary_name": "linux-image-unsigned-6.2.0-1012-azure" }, { "binary_version": "6.2.0-1012.12~22.04.1", "binary_name": "linux-image-unsigned-6.2.0-1012-azure-dbgsym" }, { "binary_version": "6.2.0-1012.12~22.04.1", "binary_name": "linux-modules-6.2.0-1012-azure" }, { "binary_version": "6.2.0-1012.12~22.04.1", "binary_name": "linux-modules-extra-6.2.0-1012-azure" }, { "binary_version": "6.2.0-1012.12~22.04.1", "binary_name": "linux-tools-6.2.0-1012-azure" } ], "availability": "No subscription required" }
{ "priority_reason": "Local guest-to-host data theft and potential privilege escalation.", "binaries": [ { "binary_version": "6.2.0-1014.14~22.04.1", "binary_name": "linux-buildinfo-6.2.0-1014-gcp" }, { "binary_version": "6.2.0-1014.14~22.04.1", "binary_name": "linux-gcp-6.2-headers-6.2.0-1014" }, { "binary_version": "6.2.0-1014.14~22.04.1", "binary_name": "linux-gcp-6.2-tools-6.2.0-1014" }, { "binary_version": "6.2.0-1014.14~22.04.1", "binary_name": "linux-headers-6.2.0-1014-gcp" }, { "binary_version": "6.2.0-1014.14~22.04.1", "binary_name": "linux-image-unsigned-6.2.0-1014-gcp" }, { "binary_version": "6.2.0-1014.14~22.04.1", "binary_name": "linux-image-unsigned-6.2.0-1014-gcp-dbgsym" }, { "binary_version": "6.2.0-1014.14~22.04.1", "binary_name": "linux-modules-6.2.0-1014-gcp" }, { "binary_version": "6.2.0-1014.14~22.04.1", "binary_name": "linux-modules-extra-6.2.0-1014-gcp" }, { "binary_version": "6.2.0-1014.14~22.04.1", "binary_name": "linux-modules-iwlwifi-6.2.0-1014-gcp" }, { "binary_version": "6.2.0-1014.14~22.04.1", "binary_name": "linux-tools-6.2.0-1014-gcp" } ], "availability": "No subscription required" }
{ "priority_reason": "Local guest-to-host data theft and potential privilege escalation.", "binaries": [ { "binary_version": "6.2.0-33.33~22.04.1", "binary_name": "linux-buildinfo-6.2.0-33-generic" }, { "binary_version": "6.2.0-33.33~22.04.1", "binary_name": "linux-buildinfo-6.2.0-33-generic-64k" }, { "binary_version": "6.2.0-33.33~22.04.1", "binary_name": "linux-buildinfo-6.2.0-33-generic-lpae" }, { "binary_version": "6.2.0-33.33~22.04.1", "binary_name": "linux-cloud-tools-6.2.0-33-generic" }, { "binary_version": "6.2.0-33.33~22.04.1", "binary_name": "linux-headers-6.2.0-33-generic" }, { "binary_version": "6.2.0-33.33~22.04.1", "binary_name": "linux-headers-6.2.0-33-generic-64k" }, { "binary_version": "6.2.0-33.33~22.04.1", "binary_name": "linux-headers-6.2.0-33-generic-lpae" }, { "binary_version": "6.2.0-33.33~22.04.1", "binary_name": "linux-hwe-6.2-cloud-tools-6.2.0-33" }, { "binary_version": "6.2.0-33.33~22.04.1", "binary_name": "linux-hwe-6.2-cloud-tools-common" }, { "binary_version": "6.2.0-33.33~22.04.1", "binary_name": "linux-hwe-6.2-headers-6.2.0-33" }, { "binary_version": "6.2.0-33.33~22.04.1", "binary_name": "linux-hwe-6.2-tools-6.2.0-33" }, { "binary_version": "6.2.0-33.33~22.04.1", "binary_name": "linux-hwe-6.2-tools-common" }, { "binary_version": "6.2.0-33.33~22.04.1", "binary_name": "linux-hwe-6.2-tools-host" }, { "binary_version": "6.2.0-33.33~22.04.1", "binary_name": "linux-image-6.2.0-33-generic" }, { "binary_version": "6.2.0-33.33~22.04.1", "binary_name": "linux-image-6.2.0-33-generic-dbgsym" }, { "binary_version": "6.2.0-33.33~22.04.1", "binary_name": "linux-image-6.2.0-33-generic-lpae" }, { "binary_version": "6.2.0-33.33~22.04.1", "binary_name": "linux-image-6.2.0-33-generic-lpae-dbgsym" }, { "binary_version": "6.2.0-33.33~22.04.1", "binary_name": "linux-image-unsigned-6.2.0-33-generic" }, { "binary_version": "6.2.0-33.33~22.04.1", "binary_name": "linux-image-unsigned-6.2.0-33-generic-64k" }, { "binary_version": "6.2.0-33.33~22.04.1", "binary_name": "linux-image-unsigned-6.2.0-33-generic-64k-dbgsym" }, { "binary_version": "6.2.0-33.33~22.04.1", "binary_name": "linux-image-unsigned-6.2.0-33-generic-dbgsym" }, { "binary_version": "6.2.0-33.33~22.04.1", "binary_name": "linux-modules-6.2.0-33-generic" }, { "binary_version": "6.2.0-33.33~22.04.1", "binary_name": "linux-modules-6.2.0-33-generic-64k" }, { "binary_version": "6.2.0-33.33~22.04.1", "binary_name": "linux-modules-6.2.0-33-generic-lpae" }, { "binary_version": "6.2.0-33.33~22.04.1", "binary_name": "linux-modules-extra-6.2.0-33-generic" }, { "binary_version": "6.2.0-33.33~22.04.1", "binary_name": "linux-modules-ipu6-6.2.0-33-generic" }, { "binary_version": "6.2.0-33.33~22.04.1", "binary_name": "linux-modules-ivsc-6.2.0-33-generic" }, { "binary_version": "6.2.0-33.33~22.04.1", "binary_name": "linux-modules-iwlwifi-6.2.0-33-generic" }, { "binary_version": "6.2.0-33.33~22.04.1", "binary_name": "linux-source-6.2.0" }, { "binary_version": "6.2.0-33.33~22.04.1", "binary_name": "linux-tools-6.2.0-33-generic" }, { "binary_version": "6.2.0-33.33~22.04.1", "binary_name": "linux-tools-6.2.0-33-generic-64k" }, { "binary_version": "6.2.0-33.33~22.04.1", "binary_name": "linux-tools-6.2.0-33-generic-lpae" } ], "availability": "No subscription required" }
{ "priority_reason": "Local guest-to-host data theft and potential privilege escalation.", "binaries": [ { "binary_version": "6.2.0-1013.13~22.04.1", "binary_name": "linux-buildinfo-6.2.0-1013-lowlatency" }, { "binary_version": "6.2.0-1013.13~22.04.1", "binary_name": "linux-buildinfo-6.2.0-1013-lowlatency-64k" }, { "binary_version": "6.2.0-1013.13~22.04.1", "binary_name": "linux-cloud-tools-6.2.0-1013-lowlatency" }, { "binary_version": "6.2.0-1013.13~22.04.1", "binary_name": "linux-headers-6.2.0-1013-lowlatency" }, { "binary_version": "6.2.0-1013.13~22.04.1", "binary_name": "linux-headers-6.2.0-1013-lowlatency-64k" }, { "binary_version": "6.2.0-1013.13~22.04.1", "binary_name": "linux-image-unsigned-6.2.0-1013-lowlatency" }, { "binary_version": "6.2.0-1013.13~22.04.1", "binary_name": "linux-image-unsigned-6.2.0-1013-lowlatency-64k" }, { "binary_version": "6.2.0-1013.13~22.04.1", "binary_name": "linux-image-unsigned-6.2.0-1013-lowlatency-64k-dbgsym" }, { "binary_version": "6.2.0-1013.13~22.04.1", "binary_name": "linux-image-unsigned-6.2.0-1013-lowlatency-dbgsym" }, { "binary_version": "6.2.0-1013.13~22.04.1", "binary_name": "linux-lowlatency-hwe-6.2-cloud-tools-6.2.0-1013" }, { "binary_version": "6.2.0-1013.13~22.04.1", "binary_name": "linux-lowlatency-hwe-6.2-cloud-tools-common" }, { "binary_version": "6.2.0-1013.13~22.04.1", "binary_name": "linux-lowlatency-hwe-6.2-headers-6.2.0-1013" }, { "binary_version": "6.2.0-1013.13~22.04.1", "binary_name": "linux-lowlatency-hwe-6.2-tools-6.2.0-1013" }, { "binary_version": "6.2.0-1013.13~22.04.1", "binary_name": "linux-lowlatency-hwe-6.2-tools-common" }, { "binary_version": "6.2.0-1013.13~22.04.1", "binary_name": "linux-lowlatency-hwe-6.2-tools-host" }, { "binary_version": "6.2.0-1013.13~22.04.1", "binary_name": "linux-modules-6.2.0-1013-lowlatency" }, { "binary_version": "6.2.0-1013.13~22.04.1", "binary_name": "linux-modules-6.2.0-1013-lowlatency-64k" }, { "binary_version": "6.2.0-1013.13~22.04.1", "binary_name": "linux-modules-ipu6-6.2.0-1013-lowlatency" }, { "binary_version": "6.2.0-1013.13~22.04.1", "binary_name": "linux-modules-ivsc-6.2.0-1013-lowlatency" }, { "binary_version": "6.2.0-1013.13~22.04.1", "binary_name": "linux-modules-iwlwifi-6.2.0-1013-lowlatency" }, { "binary_version": "6.2.0-1013.13~22.04.1", "binary_name": "linux-tools-6.2.0-1013-lowlatency" }, { "binary_version": "6.2.0-1013.13~22.04.1", "binary_name": "linux-tools-6.2.0-1013-lowlatency-64k" } ], "availability": "No subscription required" }
{ "priority_reason": "Local guest-to-host data theft and potential privilege escalation.", "binaries": [ { "binary_version": "6.2.0-1011.11", "binary_name": "linux-buildinfo-6.2.0-1011-nvidia" }, { "binary_version": "6.2.0-1011.11", "binary_name": "linux-buildinfo-6.2.0-1011-nvidia-64k" }, { "binary_version": "6.2.0-1011.11", "binary_name": "linux-headers-6.2.0-1011-nvidia" }, { "binary_version": "6.2.0-1011.11", "binary_name": "linux-headers-6.2.0-1011-nvidia-64k" }, { "binary_version": "6.2.0-1011.11", "binary_name": "linux-image-unsigned-6.2.0-1011-nvidia" }, { "binary_version": "6.2.0-1011.11", "binary_name": "linux-image-unsigned-6.2.0-1011-nvidia-64k" }, { "binary_version": "6.2.0-1011.11", "binary_name": "linux-image-unsigned-6.2.0-1011-nvidia-64k-dbgsym" }, { "binary_version": "6.2.0-1011.11", "binary_name": "linux-image-unsigned-6.2.0-1011-nvidia-dbgsym" }, { "binary_version": "6.2.0-1011.11", "binary_name": "linux-modules-6.2.0-1011-nvidia" }, { "binary_version": "6.2.0-1011.11", "binary_name": "linux-modules-6.2.0-1011-nvidia-64k" }, { "binary_version": "6.2.0-1011.11", "binary_name": "linux-modules-extra-6.2.0-1011-nvidia" }, { "binary_version": "6.2.0-1011.11", "binary_name": "linux-modules-nvidia-fs-6.2.0-1011-nvidia" }, { "binary_version": "6.2.0-1011.11", "binary_name": "linux-modules-nvidia-fs-6.2.0-1011-nvidia-64k" }, { "binary_version": "6.2.0-1011.11", "binary_name": "linux-nvidia-6.2-headers-6.2.0-1011" }, { "binary_version": "6.2.0-1011.11", "binary_name": "linux-nvidia-6.2-tools-6.2.0-1011" }, { "binary_version": "6.2.0-1011.11", "binary_name": "linux-nvidia-6.2-tools-host" }, { "binary_version": "6.2.0-1011.11", "binary_name": "linux-tools-6.2.0-1011-nvidia" }, { "binary_version": "6.2.0-1011.11", "binary_name": "linux-tools-6.2.0-1011-nvidia-64k" } ], "availability": "No subscription required" }