vulnerability
Ubuntu: (CVE-2022-48793): linux-intel-iotg-5.15 vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:S/C:N/I:N/A:C) | Jul 16, 2024 | Nov 19, 2024 | Sep 1, 2025 |
Severity
5
CVSS
(AV:L/AC:L/Au:S/C:N/I:N/A:C)
Published
Jul 16, 2024
Added
Nov 19, 2024
Modified
Sep 1, 2025
Description
In the Linux kernel, the following vulnerability has been resolved:
KVM: x86: nSVM: fix potential NULL derefernce on nested migration
Turns out that due to review feedback and/or rebases
I accidentally moved the call to nested_svm_load_cr3 to be too early,
before the NPT is enabled, which is very wrong to do.
KVM can't even access guest memory at that point as nested NPT
is needed for that, and of course it won't initialize the walk_mmu,
which is main issue the patch was addressing.
Fix this for real.
Solution
ubuntu-upgrade-linux-intel-iotg-5-15
References
- CVE-2022-48793
- https://attackerkb.com/topics/CVE-2022-48793
- CWE-476
- URL-https://git.kernel.org/linus/e1779c2714c3023e4629825762bcbc43a3b943df
- URL-https://git.kernel.org/stable/c/352193edda48e08e8824a7ece09aec830a603cfe
- URL-https://git.kernel.org/stable/c/74b426bea4f7e3b081add2b88d4fba16d3af7ab6
- URL-https://git.kernel.org/stable/c/e1779c2714c3023e4629825762bcbc43a3b943df
- URL-https://www.cve.org/CVERecord?id=CVE-2022-48793
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.