CVE-2022-39189 — linux - security update

Description

An issue was discovered the x86 KVM subsystem in the Linux kernel before 5.18.17. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED situations.

How to fix CVE-2022-39189

To remediate CVE-2022-39189, upgrade the affected package to a fixed version below.

Debian/linux—upgrade to 5.10.191-1 or later
—upgrade to 5.10.191-1 or later
—upgrade to 5.10.197-1~deb10u1 or later

Is CVE-2022-39189 being exploited?

Low — EPSS is 0.0%, meaning exploitation activity has not been observed at scale.

Affected packages (3)

from 0, < 5.10.191-1
from 0, < 5.10.191-1
from 0, < 5.10.197-1~deb10u1

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	HIGH7.8	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References (1)

ADVISORYsecurity-tracker.debian.org/tracker/CVE-2022-39189