5.5

CVE-2022-49054

Drivers: hv: vmbus: Deactivate sysctl_record_panic_msg by default in isolated guests

In the Linux kernel, the following vulnerability has been resolved:

Drivers: hv: vmbus: Deactivate sysctl_record_panic_msg by default in isolated guests

hv_panic_page might contain guest-sensitive information, do not dump it
over to Hyper-V by default in isolated guests.

While at it, update some comments in hyperv_{panic,die}_event().
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 5.15.35
LinuxLinux Kernel Version >= 5.16 < 5.17.4
LinuxLinux Kernel Version5.18 Updaterc1
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.26% 0.178
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/1b576e81d31b56b248316b8ff816b1cc5c4407c7
Patch
https://git.kernel.org/stable/c/6230bc50d6d21cae4c084766623d0a6d17958721
Patch
https://git.kernel.org/stable/c/9f8b577f7b43b2170628d6c537252785dcc2dcea
Patch