CVE-2022-2196

Updated: 2023-11-04 20:12:38.760838

Description:

A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM (L0) advertising eIBRS support to L1. An attacker at L2 with code execution can execute code on an indirect branch on the host machine. We recommend upgrading to Kernel 6.2 or past commit 2e7eab81425a


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x 0
CVSS Version 3.x HIGH 8.8

Status

OS name Project name Version Score Severity Status Errata Last updated
AlmaLinux 9.2 ESU kernel 5.14.0 8.8 HIGH Already Fixed 2024-01-18 13:10:49
AlmaLinux 9.2 FIPS kernel 5.14.0 8.8 HIGH Already Fixed 2024-01-18 13:09:49
CentOS 6 ELS kernel 2.6.32 8.8 HIGH Not Vulnerable 2024-02-16 08:36:38
CentOS 7 ELS kernel 3.10.0 8.8 HIGH In Rollout CLSA-2024:1730801690 2024-11-05 06:58:00
CentOS 8.4 ELS kernel 4.18.0 8.8 HIGH Released CLSA-2023:1686585068 2023-06-13 09:08:07
CentOS 8.5 ELS kernel 4.18.0 8.8 HIGH Released CLSA-2023:1686651204 2023-06-13 09:08:08
CentOS Stream 8 ELS kernel 4.18.0 8.8 HIGH Already Fixed 2024-10-12 05:24:20
CloudLinux 6 ELS kernel 2.6.32 8.8 HIGH Not Vulnerable 2023-09-21 14:13:37
CloudLinux 7 ELS kernel 3.10.0 8.8 HIGH Not Vulnerable 2024-10-23 01:29:49
Oracle Linux 6 ELS kernel 2.6.32 8.8 HIGH Not Vulnerable 2024-02-16 08:36:38
Total: 13