{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T21:49:01.621","vulnerabilities":[{"cve":{"id":"CVE-2022-1158","sourceIdentifier":"secalert@redhat.com","published":"2022-08-05T17:15:08.017","lastModified":"2024-11-21T06:40:09.267","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in KVM. When updating a guest's page table entry, vm_pgoff was improperly used as the offset to get the page's pfn. As vaddr and vm_pgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace region and potentially corrupt the kernel, resulting in a denial of service condition."},{"lang":"es","value":"Se ha encontrado un fallo en KVM. Cuando era actualizada la entrada de la tabla de páginas de un huésped, vm_pgoff era usado incorrectamente como desplazamiento para obtener el pfn de la página. Como vaddr y vm_pgoff son controlables por procesos en modo usuario, este fallo permite a usuarios locales no privilegiado en el host escribir fuera de la región del espacio de usuario y potencialmente corromper el kernel, resultando en una condición de denegación de servicio"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.2","versionEndExcluding":"5.4.189","matchCriteriaId":"1C388193-E002-43D1-9296-FE6FEC623F34"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.5","versionEndExcluding":"5.10.110","matchCriteriaId":"91D3BFD0-D3F3-4018-957C-96CCBF357D79"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.33","matchCriteriaId":"27C42AE8-B387-43E2-938A-E1C8B40BE6D5"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"5.16.19","matchCriteriaId":"20C43679-0439-405A-B97F-685BEE50613B"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.17","versionEndExcluding":"5.17.2","matchCriteriaId":"210C679C-CF84-44A3-8939-E629C87E54BF"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*","matchCriteriaId":"5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"}]}]}],"references":[{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2069793","source":"secalert@redhat.com","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://security.netapp.com/advisory/ntap-20230214-0003/","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://www.openwall.com/lists/oss-security/2022/04/08/4","source":"secalert@redhat.com","tags":["Exploit","Mailing List","Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2069793","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://security.netapp.com/advisory/ntap-20230214-0003/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.openwall.com/lists/oss-security/2022/04/08/4","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Mailing List","Third Party Advisory"]}]}}]}