CVE-2022-39189
HIGH7.8EPSS 0.02%linux - security update
Published: 9/2/2022Modified: 4/28/2026
Description
An issue was discovered the x86 KVM subsystem in the Linux kernel before 5.18.17. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED situations.
Affected packages (3)
- Debian/linuxfrom 0, < 5.10.191-1
- Debian/linuxfrom 0, < 5.10.191-1
- Debian/linux-5.10from 0, < 5.10.197-1~deb10u1
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.8 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |