CVE-2022-0516: A vulnerability was found in kvm_s390_guest_sida_op in the arch/s390/kvm/kvm-s390.c function in KVM for s390 in the Linux kernel. This flaw allows a local…

high7.8CVSS 3.1

AVLACLPRLUINSUCHIHAH

A vulnerability was found in kvm_s390_guest_sida_op in the arch/s390/kvm/kvm-s390.c function in KVM for s390 in the Linux kernel. This flaw allows a local attacker with a normal user privilege to obtain unauthorized memory write access. This flaw affects Linux kernel versions prior to 5.17-rc4.

Affected

26 ranges· showing 25

Vendor	Product	Version range	Fixed in
debian	debian_linux	—	—
debian	linux	< linux 5.16.10-1 (bookworm)	linux 5.16.10-1 (bookworm)
fedoraproject	fedora	—	—
fedoraproject	fedora	—	—
linux	linux_kernel	< 5.17	5.17
linux	linux_kernel	—	—
linux	linux_kernel	—	—
linux	linux_kernel	>= 0 < 5.10.92-2	5.10.92-2
linux	linux_kernel	>= 0 < 5.16.10-1	5.16.10-1
linux	linux_kernel	>= 0 < 5.16.10-1	5.16.10-1
linux	linux_kernel	>= 0 < 5.16.10-1	5.16.10-1
linux	linux_kernel	>= 0 < 5.4.0-105.119	5.4.0-105.119
msrc	cbl2_kernel_5.15.32.1-2_on_cbl_mariner_2.0	—	—
msrc	cm1_kernel_5.10.102.1-3_on_cbl_mariner_1.0	—	—
paloalto	pan-os	—	—
redhat	enterprise_linux	—	—
redhat	enterprise_linux_eus	—	—
redhat	enterprise_linux_for_ibm_z_systems	—	—
redhat	enterprise_linux_for_ibm_z_systems_eus	—	—
redhat	enterprise_linux_for_power_little_endian	—	—
redhat	enterprise_linux_for_power_little_endian_eus	—	—
redhat	enterprise_linux_server_aus	—	—
redhat	enterprise_linux_server_for_power_little_endian_update_services_for_sap_solution	—	—
redhat	enterprise_linux_server_tus	—	—
redhat	enterprise_linux_server_update_services_for_sap_solutions	—	—

CVSS provenance

nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

osv7.8HIGH