Bug 2042404 (CVE-2022-0330) - CVE-2022-0330 kernel: possible privileges escalation due to missing TLB flush
Summary: CVE-2022-0330 kernel: possible privileges escalation due to missing TLB flush
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2022-0330
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
high
high
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2044315 2044316 2044317 2044318 2044319 2044320 2044321 2044322 2044323 2044324 2044325 2044326 2044327 2044328 2044329 2044330 2044331 2044332 2044333 2044334 2044335 2044336 2044368 2044369 2044371 2044372 2044373 2044374 2044375 2044376 2044377 2044378 2045870 2046005
Blocks: 2042393 2043552
TreeView+ depends on / blocked
 
Reported: 2022-01-19 12:56 UTC by Marian Rehak
Modified: 2022-05-17 09:01 UTC (History)
62 users (show)

Fixed In Version: kernel 5.17-rc2
Doc Type: If docs needed, set a value
Doc Text:
A random memory access flaw was found in the Linux kernel’s GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the system.
Clone Of:
Environment:
Last Closed: 2022-05-11 15:16:26 UTC
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2022:0679 0 None None None 2022-02-24 20:40:57 UTC
Red Hat Product Errata RHBA-2022:0690 0 None None None 2022-02-28 14:16:46 UTC
Red Hat Product Errata RHBA-2022:0740 0 None None None 2022-03-03 15:58:25 UTC
Red Hat Product Errata RHBA-2022:1282 0 None None None 2022-04-08 13:26:46 UTC
Red Hat Product Errata RHSA-2022:0592 0 None None None 2022-02-22 09:12:31 UTC
Red Hat Product Errata RHSA-2022:0620 0 None None None 2022-02-22 16:58:20 UTC
Red Hat Product Errata RHSA-2022:0622 0 None None None 2022-02-22 17:01:04 UTC
Red Hat Product Errata RHSA-2022:0712 0 None None None 2022-03-01 12:44:54 UTC
Red Hat Product Errata RHSA-2022:0718 0 None None None 2022-03-01 12:47:22 UTC
Red Hat Product Errata RHSA-2022:0771 0 None None None 2022-03-08 15:04:22 UTC
Red Hat Product Errata RHSA-2022:0772 0 None None None 2022-03-08 15:55:29 UTC
Red Hat Product Errata RHSA-2022:0777 0 None None None 2022-03-08 17:50:58 UTC
Red Hat Product Errata RHSA-2022:0819 0 None None None 2022-03-10 15:04:23 UTC
Red Hat Product Errata RHSA-2022:0820 0 None None None 2022-03-10 15:54:35 UTC
Red Hat Product Errata RHSA-2022:0821 0 None None None 2022-03-10 15:13:25 UTC
Red Hat Product Errata RHSA-2022:0823 0 None None None 2022-03-10 15:31:58 UTC
Red Hat Product Errata RHSA-2022:0825 0 None None None 2022-03-10 16:15:38 UTC
Red Hat Product Errata RHSA-2022:0841 0 None None None 2022-03-14 09:23:06 UTC
Red Hat Product Errata RHSA-2022:0849 0 None None None 2022-03-14 10:48:41 UTC
Red Hat Product Errata RHSA-2022:0851 0 None None None 2022-03-14 10:19:36 UTC
Red Hat Product Errata RHSA-2022:0925 0 None None None 2022-03-15 13:36:43 UTC
Red Hat Product Errata RHSA-2022:0958 0 None None None 2022-03-17 16:28:16 UTC
Red Hat Product Errata RHSA-2022:1103 0 None None None 2022-03-29 09:07:29 UTC
Red Hat Product Errata RHSA-2022:1104 0 None None None 2022-03-29 08:51:00 UTC
Red Hat Product Errata RHSA-2022:1106 0 None None None 2022-03-29 08:42:27 UTC
Red Hat Product Errata RHSA-2022:1107 0 None None None 2022-03-29 09:54:49 UTC
Red Hat Product Errata RHSA-2022:1263 0 None None None 2022-04-07 09:03:27 UTC

Description Marian Rehak 2022-01-19 12:56:17 UTC 
A random memory access flaw was found in the Linux kernel’s GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the system.

Reference:
https://www.openwall.com/lists/oss-security/2022/01/25/12
Comment 16 Guilherme de Almeida Suckevicz 2022-01-25 20:11:38 UTC 
Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 2045870]
Comment 17 Sandro Bonazzola 2022-01-26 07:24:19 UTC 
Created oVirt tracking bug for this issue:

Affects: oVirt Node 4.4 [ bug 2046005 ]
Comment 25 errata-xmlrpc 2022-02-22 09:12:26 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2022:0592 https://access.redhat.com/errata/RHSA-2022:0592
Comment 26 errata-xmlrpc 2022-02-22 16:58:16 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2022:0620 https://access.redhat.com/errata/RHSA-2022:0620
Comment 27 errata-xmlrpc 2022-02-22 17:01:00 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2022:0622 https://access.redhat.com/errata/RHSA-2022:0622
Comment 28 errata-xmlrpc 2022-03-01 12:44:49 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.7 Advanced Update Support
  Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions
  Red Hat Enterprise Linux 7.7 Telco Extended Update Support

Via RHSA-2022:0712 https://access.redhat.com/errata/RHSA-2022:0712
Comment 29 errata-xmlrpc 2022-03-01 12:47:18 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions

Via RHSA-2022:0718 https://access.redhat.com/errata/RHSA-2022:0718
Comment 30 errata-xmlrpc 2022-03-08 15:04:18 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Extended Update Support

Via RHSA-2022:0771 https://access.redhat.com/errata/RHSA-2022:0771
Comment 31 errata-xmlrpc 2022-03-08 15:55:25 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Extended Update Support

Via RHSA-2022:0772 https://access.redhat.com/errata/RHSA-2022:0772
Comment 32 errata-xmlrpc 2022-03-08 17:50:53 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Extended Update Support

Via RHSA-2022:0777 https://access.redhat.com/errata/RHSA-2022:0777
Comment 33 errata-xmlrpc 2022-03-10 15:04:19 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2022:0819 https://access.redhat.com/errata/RHSA-2022:0819
Comment 34 errata-xmlrpc 2022-03-10 15:13:22 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Extended Update Support

Via RHSA-2022:0821 https://access.redhat.com/errata/RHSA-2022:0821
Comment 35 errata-xmlrpc 2022-03-10 15:31:54 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions

Via RHSA-2022:0823 https://access.redhat.com/errata/RHSA-2022:0823
Comment 36 errata-xmlrpc 2022-03-10 15:54:30 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Extended Update Support

Via RHSA-2022:0820 https://access.redhat.com/errata/RHSA-2022:0820
Comment 37 errata-xmlrpc 2022-03-10 16:15:34 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2022:0825 https://access.redhat.com/errata/RHSA-2022:0825
Comment 38 errata-xmlrpc 2022-03-14 09:23:01 UTC 
This issue has been addressed in the following products:

  Red Hat Virtualization 4 for Red Hat Enterprise Linux 8

Via RHSA-2022:0841 https://access.redhat.com/errata/RHSA-2022:0841
Comment 39 errata-xmlrpc 2022-03-14 10:19:32 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions

Via RHSA-2022:0851 https://access.redhat.com/errata/RHSA-2022:0851
Comment 40 errata-xmlrpc 2022-03-14 10:48:36 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2022:0849 https://access.redhat.com/errata/RHSA-2022:0849
Comment 41 errata-xmlrpc 2022-03-15 13:36:39 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Extended Update Support

Via RHSA-2022:0925 https://access.redhat.com/errata/RHSA-2022:0925
Comment 42 errata-xmlrpc 2022-03-17 16:28:12 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions

Via RHSA-2022:0958 https://access.redhat.com/errata/RHSA-2022:0958
Comment 43 errata-xmlrpc 2022-03-29 08:42:23 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.3 Advanced Update Support

Via RHSA-2022:1106 https://access.redhat.com/errata/RHSA-2022:1106
Comment 44 errata-xmlrpc 2022-03-29 08:50:56 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.4 Advanced Update Support

Via RHSA-2022:1104 https://access.redhat.com/errata/RHSA-2022:1104
Comment 45 errata-xmlrpc 2022-03-29 09:07:25 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions

Via RHSA-2022:1103 https://access.redhat.com/errata/RHSA-2022:1103
Comment 46 errata-xmlrpc 2022-03-29 09:54:44 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.6 Advanced Update Support
  Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions
  Red Hat Enterprise Linux 7.6 Telco Extended Update Support

Via RHSA-2022:1107 https://access.redhat.com/errata/RHSA-2022:1107
Comment 48 errata-xmlrpc 2022-04-07 09:03:23 UTC 
This issue has been addressed in the following products:

  Red Hat Virtualization 4 for Red Hat Enterprise Linux 7

Via RHSA-2022:1263 https://access.redhat.com/errata/RHSA-2022:1263
Comment 49 Product Security DevOps Team 2022-05-11 15:16:21 UTC 
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2022-0330
Note You need to log in before you can comment on or make changes to this bug.