The issue exists due to incorrect calculation of data lengths for an endpoint descriptor. An attacker can exploit this to determine the length of buffers in memory. An issue was discovered in the Linux kernel before 5.16.12. drivers/net/usb/sr9700.c allows attackers to obtain sensitive information from heap memory via crafted frame lengths from a device. The issue exists due to incorrect calculation of data lengths for an endpoint descriptor. An attacker can exploit this to determine the length of buffers in memory. An issue was discovered in the Linux kernel before 5.16.12. KVM/svm.c mishandles certain reports with VMX/VMCB instructions combinations within the virtual address space. An attacker can exploit this to cause a denial of service (memory corruption and/or panic). An issue was discovered in the Linux kernel before 5.16.12. KVM/svm.c mishandles certain reports with VMX/VMCB instructions combinations within the virtual address space. An attacker can exploit this to cause a denial of service (memory corruption and/or panic). An issue was discovered in the Linux kernel before 5.16.12. KVM/svm.c mishandles certain reports with VMX/VMCB instructions combinations within the virtual address space. An attacker can exploit this to cause a denial of service (memory corruption and/or panic). An issue was discovered in the Linux kernel before 5.16.12. KVM/s
SUMMARY
If you're using Linux, you may want to disable a certain feature.
The issue exists due to incorrect calculation of data lengths for an endpoint descriptor. An attacker can exploit this to determine the length of buffers in memory.
An issue was discovered in the Linux kernel before 5.16.12. drivers/net/usb/sr9700.c allows attackers to obtain sensitive information from heap memory via crafted frame lengths from a device. The issue exists due to incorrect calculation of data lengths for an endpoint descriptor. An attacker can exploit this to determine the length of buffers in memory.
Technical Description
The issue exists due to incorrect calculation of data lengths for an endpoint descriptor. An attacker can exploit this to determine the length of buffers in memory.
An issue was discovered in the Linux kernel before 5.16.12. KVM/svm.c mishandles certain reports with VMX/VMCB instructions combinations within the virtual address space. An attacker can exploit this to cause a denial of service (memory corruption and/or panic).
Timeline
Published on: 03/12/2022 22:15:00 UTC
Last modified on: 07/01/2022 14:15:00 UTC
References
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.10
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e9da0b56fe27206b49f39805f7dcda8a89379062
- https://security.netapp.com/advisory/ntap-20220419-0001/
- https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html
- https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-26966