CVE-2022-0171

Medium

A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to…

redhat·CWE-459·Published 2022-08-26

CVSS

5.5

EPSS

0.00

KEV

Exploits

cve.orgen

269 chars

A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization (SEV).

NVDen

269 chars

NVDes

328 chars

Se ha encontrado un fallo en el kernel de Linux. La API existente de KVM SEV presenta una vulnerabilidad que permite que una aplicación a nivel de usuario no root (anfitrión) bloquee el kernel del anfitrión al crear una instancia de VM de invitado confidencial en la CPU de AMD que admite la virtualización cifrada segura (SEV).

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	NVD	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H