exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 17 of 17 RSS Feed

CVE-2022-1158

Status Candidate

Overview

A flaw was found in KVM. When updating a guest's page table entry, vm_pgoff was improperly used as the offset to get the page's pfn. As vaddr and vm_pgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace region and potentially corrupt the kernel, resulting in a denial of service condition.

Related Files

Red Hat Security Advisory 2022-9082-01
Posted Dec 16, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-9082-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include buffer overflow, out of bounds write, and privilege escalation vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2022-1158, CVE-2022-2639, CVE-2022-2959, CVE-2022-43945
SHA-256 | 91a8ca65a5bf0091d7e45807156a2f91f6faf7bb1d52bc8264cb7f2665f81c55
Red Hat Security Advisory 2022-8893-01
Posted Dec 16, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8893-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.20.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-22570, CVE-2022-1158, CVE-2022-24302, CVE-2022-2639, CVE-2022-27191, CVE-2022-42010, CVE-2022-42011, CVE-2022-42012, CVE-2022-42898
SHA-256 | c38ee4b6306b101938abc04733fc4231063e50a1e2f0c70c966e429666acd243
Red Hat Security Advisory 2022-8989-01
Posted Dec 14, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8989-01 - The kpatch management tool provides a kernel patching infrastructure which allows you to patch a running kernel without rebooting or restarting any processes. Issues addressed include an out of bounds write vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2022-1158, CVE-2022-2639
SHA-256 | 671610e8a7e5c4132ae4ceb836f6122555a2917d6133c09e3517de1a47a83efc
Red Hat Security Advisory 2022-8973-01
Posted Dec 14, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8973-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, code execution, memory leak, out of bounds write, and privilege escalation vulnerabilities.

tags | advisory, overflow, kernel, vulnerability, code execution, memory leak
systems | linux, redhat
advisories | CVE-2022-1158, CVE-2022-21123, CVE-2022-21125, CVE-2022-21166, CVE-2022-23816, CVE-2022-23825, CVE-2022-26373, CVE-2022-2639, CVE-2022-2959, CVE-2022-29900, CVE-2022-29901, CVE-2022-43945
SHA-256 | 8fedbbf10be56ed3244024efc11739ae41c56ec0cebbc5d2689f162776226891
Red Hat Security Advisory 2022-8974-01
Posted Dec 14, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8974-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow, code execution, out of bounds write, and privilege escalation vulnerabilities.

tags | advisory, overflow, kernel, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2022-1158, CVE-2022-21123, CVE-2022-21125, CVE-2022-21166, CVE-2022-23816, CVE-2022-23825, CVE-2022-26373, CVE-2022-2639, CVE-2022-2959, CVE-2022-29900, CVE-2022-29901, CVE-2022-43945
SHA-256 | 6d35672261df38aa85cd2ee464c60cd4122ef8f495ae23678e628e5bf760d2c8
Red Hat Security Advisory 2022-8941-01
Posted Dec 13, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8941-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include an out of bounds write vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2022-1158, CVE-2022-2639
SHA-256 | 1aea6cdaf669af3e0b54c8a7cfedd1b253da903cf4ee268f4ca999b5192f9859
Red Hat Security Advisory 2022-8940-01
Posted Dec 13, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8940-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an out of bounds write vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2022-1158, CVE-2022-2639
SHA-256 | 17de1aaba0aa0fd590afa17694139a5bc67e968bad0558e5d95117b9b0e5e2f1
Red Hat Security Advisory 2022-8831-01
Posted Dec 7, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8831-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include an out of bounds write vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2022-1158, CVE-2022-2639
SHA-256 | 50c271f0b0d6d84c3fb3d786ecac2acea7b4382b11e411eba6ab38cbd9f4680f
Red Hat Security Advisory 2022-8809-01
Posted Dec 6, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8809-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an out of bounds write vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2022-1158, CVE-2022-2639
SHA-256 | 13de356a9378b54fac66748d94897c37a9eddb00ec9145bd1d5be6403fdbe58f
Red Hat Security Advisory 2022-8673-01
Posted Nov 30, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8673-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2022-1158
SHA-256 | 97f3e50f702e5fe7cf05a0f316152fa8ad06cc0c499a2e5468a7b1c73ccba840
Red Hat Security Advisory 2022-8686-01
Posted Nov 30, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8686-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2022-1158
SHA-256 | b8332406dcf5e7e427a7e164a3f092852ecc429438c292708f9ab5a8d3453c6f
Red Hat Security Advisory 2022-8685-01
Posted Nov 30, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8685-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a memory leak vulnerability.

tags | advisory, kernel, memory leak
systems | linux, redhat
advisories | CVE-2022-1158
SHA-256 | 343e5f92325dabc1c46200ae21744f2debc8776499f887f7d57d72fc355492b5
Ubuntu Security Notice USN-5469-1
Posted Jun 8, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5469-1 - It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. Aaron Adams discovered that the netfilter subsystem in the Linux kernel did not properly handle the removal of stateful expressions in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-0168, CVE-2022-1048, CVE-2022-1158, CVE-2022-1195, CVE-2022-1198, CVE-2022-1199, CVE-2022-1204, CVE-2022-1205, CVE-2022-1263, CVE-2022-1353, CVE-2022-1516, CVE-2022-1651, CVE-2022-1671, CVE-2022-1966, CVE-2022-1972, CVE-2022-21499, CVE-2022-28356, CVE-2022-28388, CVE-2022-28389, CVE-2022-28390
SHA-256 | 4ce717877a9ad9825a852ffb1c677186dfde79c8f40631b1893230bba71c8954
Ubuntu Security Notice USN-5468-1
Posted Jun 8, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5468-1 - It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. Aaron Adams discovered that the netfilter subsystem in the Linux kernel did not properly handle the removal of stateful expressions in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-1158, CVE-2022-1966, CVE-2022-1972, CVE-2022-21499, CVE-2022-24958, CVE-2022-28390
SHA-256 | 76e53ad0646856837ed8b45ef5764a7babb449c61ac464ee275775b370d96109
Ubuntu Security Notice USN-5467-1
Posted Jun 8, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5467-1 - It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. Aaron Adams discovered that the netfilter subsystem in the Linux kernel did not properly handle the removal of stateful expressions in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-3772, CVE-2021-4197, CVE-2022-1011, CVE-2022-1158, CVE-2022-1198, CVE-2022-1353, CVE-2022-1516, CVE-2022-1966, CVE-2022-21499, CVE-2022-23039, CVE-2022-23040, CVE-2022-24958, CVE-2022-26966, CVE-2022-28356, CVE-2022-28389, CVE-2022-28390
SHA-256 | 00844e617969c8e349b621d9028477a097d6b0006a1d340d3f86e5feae7ec286
Debian Security Advisory 5127-1
Posted May 28, 2022
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5127-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2021-4197, CVE-2022-0168, CVE-2022-1016, CVE-2022-1048, CVE-2022-1158, CVE-2022-1195, CVE-2022-1198, CVE-2022-1199, CVE-2022-1204, CVE-2022-1205, CVE-2022-1353, CVE-2022-1516, CVE-2022-26490, CVE-2022-27666
SHA-256 | da82f22fb316a942fd49aed4e0aba53798958e6c991eed7a7194ead0910ece82
Ubuntu Security Notice USN-5416-1
Posted May 12, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5416-1 - Qiuhao Li, Gaoning Pan and Yongkang Jia discovered that the KVM implementation in the Linux kernel did not properly perform guest page table updates in some situations. An attacker in a guest vm could possibly use this to crash the host OS. It was discovered that the implementation of X.25 network protocols in the Linux kernel did not terminate link layer sessions properly. A local attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2022-1158, CVE-2022-1516, CVE-2022-28388, CVE-2022-28389, CVE-2022-28390
SHA-256 | 7fdbee8afc9e35d51c815cc5cf37dff16b83556969d0fb1ee6bfdc2a05f5d92c
Page 1 of 1
Back1Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    6 Files
  • 19
    Jul 19th
    34 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close