CVE-2022-0330
First published: Wed Jan 19 2022(Updated: )
A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the system.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/kernel-rt | <0:3.10.0-1160.59.1.rt56.1200.el7 | 0:3.10.0-1160.59.1.rt56.1200.el7 |
| redhat/kernel | <0:3.10.0-1160.59.1.el7 | 0:3.10.0-1160.59.1.el7 |
| redhat/kernel | <0:3.10.0-514.99.1.el7 | 0:3.10.0-514.99.1.el7 |
| redhat/kernel | <0:3.10.0-693.99.1.el7 | 0:3.10.0-693.99.1.el7 |
| redhat/kernel | <0:3.10.0-957.92.1.el7 | 0:3.10.0-957.92.1.el7 |
| redhat/kernel | <0:3.10.0-1062.63.1.el7 | 0:3.10.0-1062.63.1.el7 |
| redhat/kernel-rt | <0:4.18.0-348.20.1.rt7.150.el8_5 | 0:4.18.0-348.20.1.rt7.150.el8_5 |
| redhat/kernel | <0:4.18.0-348.20.1.el8_5 | 0:4.18.0-348.20.1.el8_5 |
| redhat/kernel | <0:4.18.0-147.64.1.el8_1 | 0:4.18.0-147.64.1.el8_1 |
| redhat/kernel-rt | <0:4.18.0-193.79.1.rt13.129.el8_2 | 0:4.18.0-193.79.1.rt13.129.el8_2 |
| redhat/kernel | <0:4.18.0-193.79.1.el8_2 | 0:4.18.0-193.79.1.el8_2 |
| redhat/kernel-rt | <0:4.18.0-305.40.1.rt7.112.el8_4 | 0:4.18.0-305.40.1.rt7.112.el8_4 |
| redhat/kernel | <0:4.18.0-305.40.1.el8_4 | 0:4.18.0-305.40.1.el8_4 |
| redhat/redhat-virtualization-host | <0:4.3.22-20220330.1.el7_9 | 0:4.3.22-20220330.1.el7_9 |
| redhat/kernel | <5.17 | 5.17 |
| debian/linux | 5.10.223-1 5.10.226-1 6.1.123-1 6.1.128-1 6.12.12-1 6.12.15-1 | |
| Linux kernel | <5.17 | |
| Linux kernel | =5.17 | |
| Linux kernel | =5.17-rc1 | |
| Red Hat CodeReady Linux Builder | =8.0 | |
| Red Hat CodeReady Linux Builder | =8.4 | |
| Red Hat CodeReady Linux Builder | =8.2 | |
| Red Hat CodeReady Linux Builder for Power, little endian | =8.2 | |
| Red Hat CodeReady Linux Builder for Power, little endian | =8.0 | |
| Red Hat CodeReady Linux Builder for Power, little endian | =8.4 | |
| Red Hat Enterprise Linux Server Update Services for SAP Solutions | =7.7 | |
| Red Hat Enterprise Linux | =8.0 | |
| Red Hat Enterprise Linux Desktop | =7.0 | |
| Red Hat Enterprise Linux Server EUS | =8.2 | |
| Red Hat Enterprise Linux Server EUS | =8.4 | |
| Red Hat Enterprise Linux for IBM Z Systems | =8.0 | |
| Red Hat Enterprise Linux for IBM Z Systems (s390x) | =8.2 | |
| Red Hat Enterprise Linux for IBM Z Systems (s390x) | =8.4 | |
| Red Hat Enterprise Linux for Power, big endian | =7.0 | |
| Red Hat Enterprise Linux for Power, little endian | =7.0 | |
| Red Hat Enterprise Linux for Power, little endian | =8.0 | |
| Red Hat Enterprise Linux for Power, little endian - Extended Update Support | =8.2 | |
| Red Hat Enterprise Linux for Power, little endian - Extended Update Support | =8.4 | |
| Red Hat Enterprise Linux for Real Time | =7 | |
| Red Hat Enterprise Linux for Real Time | =8 | |
| Red Hat Enterprise Linux for Real Time for NFV | =7 | |
| Red Hat Enterprise Linux for Real Time for NFV | =8 | |
| Red Hat Enterprise Linux for Real Time for NFV | =8.2 | |
| Red Hat Enterprise Linux for Real Time for NFV | =8.4 | |
| Red Hat Enterprise Linux for Real Time | =8.2 | |
| Red Hat Enterprise Linux for Real Time | =8.4 | |
| Red Hat Enterprise Linux for Scientific Computing | =7.0 | |
| Red Hat Enterprise Linux Server | =7.0 | |
| Red Hat Enterprise Linux Server | =7.3 | |
| Red Hat Enterprise Linux Server | =7.4 | |
| Red Hat Enterprise Linux Server | =7.6 | |
| Red Hat Enterprise Linux Server | =7.7 | |
| Red Hat Enterprise Linux Server | =8.2 | |
| Red Hat Enterprise Linux Server | =8.4 | |
| Red Hat Enterprise Linux for SAP Applications for Power, little endian - Extended Update Support | =7.6 | |
| Red Hat Enterprise Linux for SAP Applications for Power, little endian - Extended Update Support | =7.7 | |
| Red Hat Enterprise Linux for SAP Applications for Power, little endian - Extended Update Support | =8.1 | |
| Red Hat Enterprise Linux for SAP Applications for Power, little endian - Extended Update Support | =8.2 | |
| Red Hat Enterprise Linux for SAP Applications for Power, little endian - Extended Update Support | =8.4 | |
| Red Hat Enterprise Linux Server | =7.7 | |
| Red Hat Enterprise Linux Server | =8.2 | |
| Red Hat Enterprise Linux Server | =8.4 | |
| Red Hat Enterprise Linux Server Update Services for SAP Solutions | =7.6 | |
| Red Hat Enterprise Linux Server Update Services for SAP Solutions | =8.1 | |
| Red Hat Enterprise Linux Server Update Services for SAP Solutions | =8.2 | |
| Red Hat Enterprise Linux Server Update Services for SAP Solutions | =8.4 | |
| Red Hat Enterprise Linux Workstation | =7.0 | |
| Red Hat Enterprise Virtualization | =4.0 | |
| Red Hat Virtualization Host EUS | =4.0 | |
| Red Hat Enterprise Linux | =8.0 | |
| Red Hat OpenShift API Management | =2.0 | |
| Red Hat Enterprise Linux | =7.0 | |
| Red Hat Developer Tools | =1.0 | |
| Red Hat Enterprise Linux | ||
| Red Hat Enterprise Linux for IBM Z Systems | ||
| Red Hat Enterprise Linux for Power, little endian | ||
| Fedora | =34 | |
| Fedora | =35 | |
| oVirt Node | =4.4.10 | |
| NetApp H300S Firmware | ||
| NetApp H300S | ||
| NetApp H500S Firmware | ||
| NetApp H500s | ||
| NetApp H700S | ||
| NetApp H700S | ||
| NetApp H300E Firmware | ||
| NetApp H300E Firmware | ||
| NetApp H500E | ||
| NetApp H500E | ||
| NetApp H700E | ||
| NetApp H700E | ||
| NetApp H410S Firmware | ||
| NetApp H410S Firmware | ||
| NetApp H410C Firmware | ||
| NetApp H410C | ||
| All of | ||
| Any of | ||
| Red Hat Enterprise Virtualization | =4.0 | |
| Red Hat Virtualization Host EUS | =4.0 | |
| Red Hat Enterprise Linux | =8.0 | |
| All of | ||
| Red Hat OpenShift API Management | =2.0 | |
| Red Hat Enterprise Linux | =7.0 | |
| All of | ||
| Red Hat Developer Tools | =1.0 | |
| Any of | ||
| Red Hat Enterprise Linux | ||
| Red Hat Enterprise Linux for IBM Z Systems | ||
| Red Hat Enterprise Linux for Power, little endian | ||
| All of | ||
| NetApp H300S Firmware | ||
| NetApp H300S | ||
| All of | ||
| NetApp H500S Firmware | ||
| NetApp H500s | ||
| All of | ||
| NetApp H700S | ||
| NetApp H700S | ||
| All of | ||
| NetApp H300E Firmware | ||
| NetApp H300E Firmware | ||
| All of | ||
| NetApp H500E | ||
| NetApp H500E | ||
| All of | ||
| NetApp H700E | ||
| NetApp H700E | ||
| All of | ||
| NetApp H410S Firmware | ||
| NetApp H410S Firmware | ||
| All of | ||
| NetApp H410C Firmware | ||
| NetApp H410C |
Remedy
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.cve.org/CVERecord?id=CVE-2022-0330 https://nvd.nist.gov/vuln/detail/CVE-2022-0330 https://www.openwall.com/lists/oss-security/2022/01/25/12
- https://bugzilla.redhat.com/show_bug.cgi?id=2042404
- https://access.redhat.com/errata/RHSA-2022:0622
- https://access.redhat.com/errata/RHSA-2022:0592
- https://access.redhat.com/errata/RHSA-2022:0620
- https://access.redhat.com/errata/RHSA-2022:1106
- https://access.redhat.com/errata/RHSA-2022:1104
- https://access.redhat.com/errata/RHSA-2022:1107
- https://access.redhat.com/errata/RHSA-2022:1103
- https://access.redhat.com/errata/RHSA-2022:0712
- https://access.redhat.com/errata/RHSA-2022:0718
- https://access.redhat.com/errata/RHSA-2022:0819
- https://access.redhat.com/errata/RHSA-2022:0825
- https://access.redhat.com/errata/RHSA-2022:0849
- https://access.redhat.com/errata/RHSA-2022:0823
- https://access.redhat.com/errata/RHSA-2022:0851
- https://access.redhat.com/errata/RHSA-2022:0958
- https://access.redhat.com/errata/RHSA-2022:0821
- https://access.redhat.com/errata/RHSA-2022:0820
- https://access.redhat.com/errata/RHSA-2022:0925
- https://access.redhat.com/errata/RHSA-2022:0771
- https://access.redhat.com/errata/RHSA-2022:0772
- https://access.redhat.com/errata/RHSA-2022:0777
- https://access.redhat.com/errata/RHSA-2022:1263
- https://access.redhat.com/errata/RHSA-2022:0841
- https://access.redhat.com/security/cve/cve-2022-0330
- https://www.openwall.com/lists/oss-security/2022/01/25/12
- https://security.netapp.com/advisory/ntap-20220526-0001/
- http://www.openwall.com/lists/oss-security/2022/11/30/1
- https://launchpad.net/bugs/cve/CVE-2022-0330
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2045870
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2046005
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0330
- https://nvd.nist.gov/vuln/detail/CVE-2022-0330
- https://security-tracker.debian.org/tracker/CVE-2022-0330
- https://ubuntu.com/security/CVE-2022-0330
- https://git.kernel.org/linus/7938d61591d33394a21bdd7797a245b65428f44c
Parent vulnerabilities
(Appears in the following advisories)
- RHSA-2022:0622
- RHSA-2022:0592
- RHSA-2022:0620
- RHSA-2022:1106
- RHSA-2022:1104
- RHSA-2022:1107
- RHSA-2022:1103
- RHSA-2022:0712
- RHSA-2022:0718
- RHSA-2022:0819
- RHSA-2022:0825
- RHSA-2022:0849
- RHSA-2022:0823
- RHSA-2022:0851
- RHSA-2022:0958
- RHSA-2022:0821
- RHSA-2022:0820
- RHSA-2022:0925
- RHSA-2022:0771
- RHSA-2022:0772
- RHSA-2022:0777
- RHSA-2022:1263
- RHSA-2022:0841
Frequently Asked Questions
What is the severity of CVE-2022-0330?
CVE-2022-0330 is considered a high severity vulnerability that could allow local users to crash the system or escalate their privileges.
How do I fix CVE-2022-0330?
To fix CVE-2022-0330, upgrade to the patched versions of the affected Red Hat kernel packages listed in the advisory.
Which systems are affected by CVE-2022-0330?
CVE-2022-0330 affects multiple versions of the Linux kernel in Red Hat Enterprise Linux and its derivatives.
What type of vulnerability is CVE-2022-0330?
CVE-2022-0330 is a random memory access flaw within the GPU i915 kernel driver functionality.
Can CVE-2022-0330 lead to remote code execution?
No, CVE-2022-0330 is not directly associated with remote code execution but can result in system crashes or privilege escalation.
- collector/redhat-cve
- agent/type
- agent/first-publish-date
- collector/launchpad-cve
- source/Launchpad
- agent/severity
- agent/weakness
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2022-0330
- agent/software-canonical-lookup
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/last-modified-date
- agent/remedy
- agent/trending
- agent/source
- agent/author
- collector/usn-cve
- source/Ubuntu
- agent/description
- collector/security-tracker-debian
- source/Debian
- agent/event
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-cve
- source/NVD
- package-manager/redhat
- package-manager/debian
- vendor/linux
- canonical/linux kernel
- version/linux kernel/5.17
- version/linux kernel/5.17-rc1
- vendor/redhat
- canonical/red hat codeready linux builder
- version/red hat codeready linux builder/8.0
- version/red hat codeready linux builder/8.4
- version/red hat codeready linux builder/8.2
- canonical/red hat codeready linux builder for power, little endian
- version/red hat codeready linux builder for power, little endian/8.2
- version/red hat codeready linux builder for power, little endian/8.0
- version/red hat codeready linux builder for power, little endian/8.4
- canonical/red hat enterprise linux server update services for sap solutions
- version/red hat enterprise linux server update services for sap solutions/7.7
- canonical/red hat enterprise linux
- version/red hat enterprise linux/8.0
- canonical/red hat enterprise linux desktop
- version/red hat enterprise linux desktop/7.0
- canonical/red hat enterprise linux server eus
- version/red hat enterprise linux server eus/8.2
- version/red hat enterprise linux server eus/8.4
- canonical/red hat enterprise linux for ibm z systems
- version/red hat enterprise linux for ibm z systems/8.0
- canonical/red hat enterprise linux for ibm z systems (s390x)
- version/red hat enterprise linux for ibm z systems (s390x)/8.2
- version/red hat enterprise linux for ibm z systems (s390x)/8.4
- canonical/red hat enterprise linux for power, big endian
- version/red hat enterprise linux for power, big endian/7.0
- canonical/red hat enterprise linux for power, little endian
- version/red hat enterprise linux for power, little endian/7.0
- version/red hat enterprise linux for power, little endian/8.0
- canonical/red hat enterprise linux for power, little endian - extended update support
- version/red hat enterprise linux for power, little endian - extended update support/8.2
- version/red hat enterprise linux for power, little endian - extended update support/8.4
- canonical/red hat enterprise linux for real time
- version/red hat enterprise linux for real time/7
- version/red hat enterprise linux for real time/8
- canonical/red hat enterprise linux for real time for nfv
- version/red hat enterprise linux for real time for nfv/7
- version/red hat enterprise linux for real time for nfv/8
- version/red hat enterprise linux for real time for nfv/8.2
- version/red hat enterprise linux for real time for nfv/8.4
- version/red hat enterprise linux for real time/8.2
- version/red hat enterprise linux for real time/8.4
- canonical/red hat enterprise linux for scientific computing
- version/red hat enterprise linux for scientific computing/7.0
- canonical/red hat enterprise linux server
- version/red hat enterprise linux server/7.0
- version/red hat enterprise linux server/7.3
- version/red hat enterprise linux server/7.4
- version/red hat enterprise linux server/7.6
- version/red hat enterprise linux server/7.7
- version/red hat enterprise linux server/8.2
- version/red hat enterprise linux server/8.4
- canonical/red hat enterprise linux for sap applications for power, little endian - extended update support
- version/red hat enterprise linux for sap applications for power, little endian - extended update support/7.6
- version/red hat enterprise linux for sap applications for power, little endian - extended update support/7.7
- version/red hat enterprise linux for sap applications for power, little endian - extended update support/8.1
- version/red hat enterprise linux for sap applications for power, little endian - extended update support/8.2
- version/red hat enterprise linux for sap applications for power, little endian - extended update support/8.4
- version/red hat enterprise linux server update services for sap solutions/7.6
- version/red hat enterprise linux server update services for sap solutions/8.1
- version/red hat enterprise linux server update services for sap solutions/8.2
- version/red hat enterprise linux server update services for sap solutions/8.4
- canonical/red hat enterprise linux workstation
- version/red hat enterprise linux workstation/7.0
- canonical/red hat enterprise virtualization
- version/red hat enterprise virtualization/4.0
- canonical/red hat virtualization host eus
- version/red hat virtualization host eus/4.0
- canonical/red hat openshift api management
- version/red hat openshift api management/2.0
- version/red hat enterprise linux/7.0
- canonical/red hat developer tools
- version/red hat developer tools/1.0
- vendor/fedoraproject
- canonical/fedora
- version/fedora/34
- version/fedora/35
- canonical/ovirt node
- version/ovirt node/4.4.10
- vendor/netapp
- canonical/netapp h300s firmware
- canonical/netapp h300s
- canonical/netapp h500s firmware
- canonical/netapp h500s
- canonical/netapp h700s
- canonical/netapp h300e firmware
- canonical/netapp h500e
- canonical/netapp h700e
- canonical/netapp h410s firmware
- canonical/netapp h410c firmware
- canonical/netapp h410c