Rapid7 Vulnerability & Exploit Database

SUSE: CVE-2022-0171: SUSE Linux Security Advisory

Free InsightVM Trial No Credit Card Necessary
2024 Attack Intel Report Latest research by Rapid7 Labs
Back to Search

SUSE: CVE-2022-0171: SUSE Linux Security Advisory

Severity
4
CVSS
(AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published
08/26/2022
Created
06/14/2023
Added
06/13/2023
Modified
06/23/2023

Description

A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization (SEV).

Solution(s)

  • suse-upgrade-kernel-64kb
  • suse-upgrade-kernel-64kb-devel
  • suse-upgrade-kernel-azure
  • suse-upgrade-kernel-azure-devel
  • suse-upgrade-kernel-default
  • suse-upgrade-kernel-default-devel
  • suse-upgrade-kernel-devel
  • suse-upgrade-kernel-devel-azure
  • suse-upgrade-kernel-docs
  • suse-upgrade-kernel-macros
  • suse-upgrade-kernel-obs-build
  • suse-upgrade-kernel-source
  • suse-upgrade-kernel-source-azure
  • suse-upgrade-kernel-syms
  • suse-upgrade-kernel-syms-azure
  • suse-upgrade-kernel-zfcpdump
  • suse-upgrade-reiserfs-kmp-default

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;