CVE-2022-0171
Published 2022-08-26
Medium 5.5 (CVSS 3.1)
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization (SEV).
Affected
19 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | linux | < linux 5.18.2-1 (bookworm) | linux 5.18.2-1 (bookworm) |
| linux | linux_kernel | < 5.18 | 5.18 |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | >= 0 < 5.10.149-1 | 5.10.149-1 |
| linux | linux_kernel | >= 0 < 5.18.2-1 | 5.18.2-1 |
| linux | linux_kernel | >= 0 < 5.18.2-1 | 5.18.2-1 |
| linux | linux_kernel | >= 0 < 5.18.2-1 | 5.18.2-1 |
| linux | linux_kernel | >= 0 < 5.15.0-57.63 | 5.15.0-57.63 |
| msrc | cbl2_kernel_5.15.70.1-1_on_cbl_mariner_2.0 | — | — |
| msrc | cbl_mariner_1.0_arm | — | — |
| msrc | cbl_mariner_1.0_x64 | — | — |
| msrc | cbl_mariner_2.0_arm | — | — |
| msrc | cbl_mariner_2.0_x64 | — | — |
| msrc | cm1_kernel_5.10.149.1-1_on_cbl_mariner_1.0 | — | — |
| redhat | enterprise_linux | — | — |
| redhat | enterprise_linux | — | — |
CVSS provenance
nvd: v3.1, 5.5 MEDIUM, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
osv: 5.5 MEDIUM
cisa: 9.8 CRITICAL
CISA ICS
Siemens SIMATIC S7-1500 TM MFP Linux Kernel
cisa_ics·2023-06-15·CVSS 5.5
[MEDIUM] Siemens SIMATIC S7-1500 TM MFP Linux Kernel
ICS Advisory
## Siemens SIMATIC S7-1500 TM MFP Linux Kernel
Release Date: June 15, 2023
Alert Code: ICSA-23-166-11
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.8
- ATTENTION: Exploitable remotely / low attack complexity / public exploits available
- Vendor: Siemens ProductCERT
- Equipment: SIMATIC S7-1500 TM MFP
- Vulnerabilities: Multiple vulnerabilities
## 2. RISK EVALUATION
Exploitation of these vulnerabilities could lead to denial-of-service, crashing t
Ubuntu
Linux kernel (GKE) vulnerabilities
vendor_ubuntu·2023-02-15·CVSS 5.5
CVE-2022-4095 [MEDIUM] Linux kernel (GKE) vulnerabilities
Title: Linux kernel (GKE) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Kyle Zeng discovered that the sysctl implementation in the Linux kernel
contained a stack-based buffer overflow. A local attacker could use this to
cause a denial of service (system crash) or execute arbitrary code.
(CVE-2022-4378)
Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation
in the Linux kernel contained multiple use-after-free vulnerabilities. A
physically proximate attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2022-42896)
Mingwei Zhang discovered that the KVM implementation for AMD processors in
the Linux kernel did not properly handle cache coherency with Secure
Encrypted Virtualization
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2023-01-09·CVSS 5.5
CVE-2022-39188 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Mingwei Zhang discovered that the KVM implementation for AMD processors in
the Linux kernel did not properly handle cache coherency with Secure
Encrypted Virtualization (SEV). A local attacker could possibly use this to
cause a denial of service (host system crash). (CVE-2022-0171)
It was discovered that a race condition existed in the Android Binder IPC
subsystem in the Linux kernel, leading to a use-after-free vulnerability. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2022-20421)
David Leadbeater discovered that the netfilter IRC protocol tracking
implementation in the Linux Kernel incorrectly handled certain mes
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2023-01-06·CVSS 5.5
CVE-2022-3646 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Mingwei Zhang discovered that the KVM implementation for AMD processors in
the Linux kernel did not properly handle cache coherency with Secure
Encrypted Virtualization (SEV). A local attacker could possibly use this to
cause a denial of service (host system crash). (CVE-2022-0171)
It was discovered that a race condition existed in the Android Binder IPC
subsystem in the Linux kernel, leading to a use-after-free vulnerability. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2022-20421)
David Leadbeater discovered that the netfilter IRC protocol tracking
implementation in the Linux Kernel incorrectly handled certain mes
Microsoft
A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM ins
vendor_msrc·2022-08-09·CVSS 5.5
CVE-2022-0171 [MEDIUM] CWE-212 A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM ins
A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization (SEV).
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more informatio
Red Hat
kernel: KVM: cache incoherence issue in SEV API may lead to kernel crash
vendor_redhat·2022-04-21·CVSS 5.5
CVE-2022-0171 [MEDIUM] CWE-212 kernel: KVM: cache incoherence issue in SEV API may lead to kernel crash
A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization (SEV).
Statement: This flaw does not affect the versions of the kernel packages as shipped with Red Hat Enterprise Linux 6 and 7, as they did not include support for SEV. Red Hat Enterprise L
Debian
CVE-2022-0171: linux - A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerabili...
vendor_debian·2022·CVSS 5.5
CVE-2022-0171 [MEDIUM] CVE-2022-0171: linux - A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerabili...
A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization (SEV).
Scope: local
bookworm: resolved (fixed in 5.18.2-1)
bullseye: resolved (fixed in 5.10.149-1)
forky: resolved (fixed in 5.18.2-1)
sid: resolved (fixed in 5.18.2-1)
trixie: resolved (fixed in 5.18.2-1)
CISA
Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability
cisa·2021-11-03·CVSS 9.8
CVE-2018-0171 [CRITICAL] CWE-20 Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability
Vulnerability: Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability
Affected: Cisco IOS and IOS XE
Cisco IOS and IOS XE Software improperly validates packet data, allowing an unauthenticated, remote attacker to trigger a reload of an affected device, cause a denial-of-service (DoS) condition, or perform code execution on the affected device.
Required Action: Apply updates per vendor instructions.
Notes: https://nvd.nist.gov/vuln/detail/CVE-2018-0171
Remediation Due Date: 2022-05-03
OSV
linux-gke-5.15 vulnerabilities
osv·2023-02-15·CVSS 5.5
CVE-2022-4378 [MEDIUM] linux-gke-5.15 vulnerabilities
Kyle Zeng discovered that the sysctl implementation in the Linux kernel
contained a stack-based buffer overflow. A local attacker could use this to
cause a denial of service (system crash) or execute arbitrary code.
(CVE-2022-4378)
Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation
in the Linux kernel contained multiple use-after-free vulnerabilities. A
physically proximate attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2022-42896)
Mingwei Zhang discovered that the KVM implementation for AMD processors in
the Linux kernel did not properly handle cache coherency with Secure
Encrypted Virtualization (SEV). A local attacker could possibly use this to
cause a denial of service
OSV
linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15, linux-azure-fde vulnerabilities
osv·2023-01-09·CVSS 5.5
CVE-2022-0171 [MEDIUM] linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15, linux-azure-fde vulnerabilities
Mingwei Zhang discovered that the KVM implementation for AMD processors in
the Linux kernel did not properly handle cache coherency with Secure
Encrypted Virtualization (SEV). A local attacker could possibly use this to
cause a denial of service (host system crash). (CVE-2022-0171)
It was discovered that a race condition existed in the Android Binder IPC
subsystem in the Linux kernel, leading to a use-after-free vulnerability. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2022-20421)
David Leadbeater discovered that the netfilter IRC protocol tracking
implementation in the Linux Kernel incorrectly handled certain message
payload
OSV
linux, linux-gcp, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-kvm, linux-lowlatency, linux-oracle, linux-raspi, vulnerabilities
osv·2023-01-06·CVSS 5.5
CVE-2022-0171 [MEDIUM] linux, linux-gcp, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-kvm, linux-lowlatency, linux-oracle, linux-raspi, vulnerabilities
Mingwei Zhang discovered that the KVM implementation for AMD processors in
the Linux kernel did not properly handle cache coherency with Secure
Encrypted Virtualization (SEV). A local attacker could possibly use this to
cause a denial of service (host system crash). (CVE-2022-0171)
It was discovered that a race condition existed in the Android Binder IPC
subsystem in the Linux kernel, leading to a use-after-free vulnerability. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2022-20421)
David Leadbeater discovered that the netfilter IRC protocol tracking
implementation in the Linux
GHSA
GHSA-963w-7frp-mf37: A flaw was found in the Linux kernel
ghsa_unreviewed·2022-08-27
CVE-2022-0171 [MEDIUM] CWE-212 GHSA-963w-7frp-mf37: A flaw was found in the Linux kernel
A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization (SEV).
OSV
CVE-2022-0171: A flaw was found in the Linux kernel
osv·2022-08-26·CVSS 5.5
CVE-2022-0171 [MEDIUM] CVE-2022-0171: A flaw was found in the Linux kernel
A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization (SEV).
No detection rules found.
No public exploits indexed.
https://access.redhat.com/security/cve/CVE-2022-0171
https://bugzilla.redhat.com/show_bug.cgi?id=2038940
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=683412ccf61294d727ead4a73d97397396e69a6b
https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html
https://www.debian.org/security/2022/dsa-5257
Published: 2022-08-26