CVE-2022-0171

Summary

A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization (SEV).

Affected Software

VendorProductVersion RangeStatus
n/akernelFixed in kernel 5.18-rc4affected

Weaknesses

  • CWE-459: CWE-459 - Incomplete Cleanup.

ADP Enrichment

CVE Program Container

Additional References

References