CVE-2022-1789: Null Pointer Dereference
First published: Wed May 25 2022(Updated: )
A flaw was found in KVM. With shadow paging enabled if INVPCID is executed with CR0.PG=0, the invlpg callback is not set, and the result is a NULL pointer dereference. This flaw allows a guest user to cause a kernel oops condition on the host, resulting in a denial of service.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/kernel-rt | <0:4.18.0-477.10.1.rt7.274.el8_8 | 0:4.18.0-477.10.1.rt7.274.el8_8 |
| redhat/kernel | <0:4.18.0-477.10.1.el8_8 | 0:4.18.0-477.10.1.el8_8 |
| redhat/kernel | <0:5.14.0-284.11.1.el9_2 | 0:5.14.0-284.11.1.el9_2 |
| redhat/kernel-rt | <0:5.14.0-284.11.1.rt14.296.el9_2 | 0:5.14.0-284.11.1.rt14.296.el9_2 |
| redhat/kernel | <5.18 | 5.18 |
| Linux kernel | <5.8 | |
| Fedora | =34 | |
| Fedora | =35 | |
| Fedora | =36 | |
| Red Hat Enterprise Linux | =9.0 | |
| Debian | =11.0 | |
| debian/linux | 5.10.223-1 5.10.234-1 6.1.123-1 6.1.128-1 6.12.12-1 6.12.17-1 |
Remedy
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.cve.org/CVERecord?id=CVE-2022-1789 https://nvd.nist.gov/vuln/detail/CVE-2022-1789 https://github.com/advisories/GHSA-v8pq-23qj-q7x7 https://www.openwall.com/lists/oss-security/2022/05/25/2
- https://bugzilla.redhat.com/show_bug.cgi?id=2090723
- https://access.redhat.com/errata/RHSA-2023:2736
- https://access.redhat.com/errata/RHSA-2023:2951
- https://access.redhat.com/errata/RHSA-2023:2458
- https://access.redhat.com/errata/RHSA-2023:2148
- https://access.redhat.com/security/cve/cve-2022-1789
- https://bugzilla.redhat.com/show_bug.cgi?id=1832397
- https://francozappa.github.io/about-bias/
- https://kb.cert.org/vuls/id/647177/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H6JP355XFVAB33X4BNO3ERVTURFYEDB7/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IBUOQTNTQ4ZCXHOCNKYIL2ZUIAZ675RD/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KCEAPIVPRTJHKPF2A2HVF5XHD5XJT3MN/
- https://www.debian.org/security/2022/dsa-5161
- https://launchpad.net/bugs/cve/CVE-2022-1789
- https://www.openwall.com/lists/oss-security/2022/05/25/2
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2090724
- https://github.com/torvalds/linux/commit/9f46c187e2e680ecd9de7983e4d081c3391acc76
- https://access.redhat.com/errata/RHSA-2024:4447
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBUOQTNTQ4ZCXHOCNKYIL2ZUIAZ675RD/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KCEAPIVPRTJHKPF2A2HVF5XHD5XJT3MN/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H6JP355XFVAB33X4BNO3ERVTURFYEDB7/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1789
- https://nvd.nist.gov/vuln/detail/CVE-2022-1789
- https://security-tracker.debian.org/tracker/CVE-2022-1789
- https://ubuntu.com/security/CVE-2022-1789
- https://git.kernel.org/linus/9f46c187e2e680ecd9de7983e4d081c3391acc76
Parent vulnerabilities
(Appears in the following advisories)
Frequently Asked Questions
What is the severity of CVE-2022-1789?
CVE-2022-1789 is classified as a denial of service vulnerability due to a NULL pointer dereference that can cause a kernel oops condition.
How do I fix CVE-2022-1789?
To fix CVE-2022-1789, update the kernel to version 0:4.18.0-477.10.1.rt7.274.el8_8 or higher for Red Hat environments.
Which systems are affected by CVE-2022-1789?
CVE-2022-1789 affects various versions of the Linux kernel, including specific builds for Red Hat and Fedora.
What type of vulnerability is CVE-2022-1789?
CVE-2022-1789 is a flaw found in KVM (Kernel-based Virtual Machine) that can be exploited to cause denial of service.
Can guest users exploit CVE-2022-1789?
Yes, guest users can exploit CVE-2022-1789 to trigger a kernel oops condition on the host system.
- collector/redhat-cve
- agent/first-publish-date
- collector/launchpad-cve
- source/Launchpad
- agent/type
- agent/severity
- agent/weakness
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2022-1789
- agent/software-canonical-lookup
- collector/mitre-cve
- source/MITRE
- agent/trending
- agent/last-modified-date
- agent/references
- agent/remedy
- agent/source
- agent/author
- collector/usn-cve
- source/Ubuntu
- agent/description
- agent/event
- agent/softwarecombine
- agent/tags
- collector/security-tracker-debian
- source/Debian
- collector/nvd-cve
- source/NVD
- agent/software-canonical-lookup-request
- collector/nvd-index
- package-manager/redhat
- package-manager/debian
- vendor/linux
- canonical/linux kernel
- vendor/fedoraproject
- canonical/fedora
- version/fedora/34
- version/fedora/35
- version/fedora/36
- vendor/redhat
- canonical/red hat enterprise linux
- version/red hat enterprise linux/9.0
- vendor/debian
- canonical/debian
- version/debian/11.0