CVE Details

Release Date:2022-11-23


A race condition in the x86 KVM subsystem in the Linux kernel through 6.1-rc6 allows guest OS users to cause a denial of service (host OS crash or host OS memory corruption) when nested virtualisation and the TDP MMU are enabled.

See more information about CVE-2022-45869 from MITRE CVE dictionary and NIST NVD

CVSS v3.0 metrics

NOTE: The following CVSS v3.0 metrics and score provided are preliminary and subject to review.

Base Score: 5.5 Base Metrics: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Access Vector: Local network Attack Complexity: Low
Privileges Required: Low User Interaction: None
Scope: Unchanged Confidentiality Impact: None
Integrity Impact: None Availability Impact: High

Errata information

PlatformErrataRelease Date
Oracle Linux version 8 (kernel)ELSA-2023-70772023-11-17
Oracle Linux version 8 (kernel-uek)ELSA-2023-121162023-02-13
Oracle Linux version 8 (kernel-uek)ELSA-2023-121202023-02-13
Oracle Linux version 9 (kernel)ELSA-2023-43772023-08-04
Oracle Linux version 9 (kernel-uek)ELSA-2023-121162023-02-13

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team