CVE-2022-49556
KVM: SVM: Use kzalloc for sev ioctl interfaces to prevent kernel data leak
Vexday Risk Score
3Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS —EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
26 feb 2025Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
In the Linux kernel, the following vulnerability has been resolved:
KVM: SVM: Use kzalloc for sev ioctl interfaces to prevent kernel data leak
For some sev ioctl interfaces, the length parameter that is passed maybe
less than or equal to SEV_FW_BLOB_MAX_SIZE, but larger than the data
that PSP firmware returns. In this case, kmalloc will allocate memory
that is the size of the input rather than the size of the data.
Since PSP firmware doesn't fully overwrite the allocated buffer, these
sev ioctl interface may return uninitialized kernel slab memory.
Productos afectados
Linux · Linux¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
https://git.kernel.org/stable/c/401bef1f95de92c3a8c6eece46e02fa88d7285eehttps://git.kernel.org/stable/c/57a01725339f9d82b099102ba2751621b1caab93https://git.kernel.org/stable/c/bbdcc644b59e01e98c68894a9fab42b9687f42b0https://git.kernel.org/stable/c/d22d2474e3953996f03528b84b7f52cc26a39403https://git.kernel.org/stable/c/d8fdb4b24097472ff6b3c0559448200d420b1418