CVE-2022-0516 An attacker with a normal user privilege can obtain memory write access in KVM for s390.

CVE-2022-0516 An attacker with a normal user privilege can obtain memory write access in KVM for s390.

The issue results from the lack of proper validation of user-size input by the kvm_s390_guest_sida_op function. A guest user with a specific setup can potentially trigger this issue. An attacker can leverage this vulnerability to gain administrative privileges on the host or other guest virtual machines.


An information leak was found in the Linux kernel's CIEH (Common Informational Hiding) implementation. A malicious user with access to a system may be able to retrieve data from protected memory. This issue results from the lack of adequate input validation of CIEH data. An attacker can exploit this flaw to obtain sensitive information from the kernel.

CVE-2019-13053 It was found that the Linux kernel’s Network Block Device (NBD) server when used with certain data center networking setup could be configured to accept remote unauthenticated NBD requests. A remote attacker could use this flaw to cause a denial of service. Linux kernel versions 4.14.x and prior are vulnerable.

CVE-2019-13092 It was found that the Linux kernel’s network interface could be forced to switch to a specified monitoring interface. A local attacker could use this flaw to cause a denial of service. Linux kernel versions 4.14.x and prior are vulnerable.
A buffer overflow in the Linux kernel was found via the Low Extra: netlink interface. A local attacker could use this flaw to cause a denial of service.

Technical Details

CVE-2019-13093 Kernel code in the Linux kernel is vulnerable to an information leak caused by a missing bounds check. A local attacker could use this flaw to cause a denial of service. Linux kernel versions 4.14.x and prior are vulnerable.

Task Scheduler

Task scheduler is a set of Linux kernel subsystems that control tasks and the process scheduling. The scheduler schedules processes to run on various CPUs, like processors or cores, in the system.

The task scheduler has been subject to many security vulnerabilities, which makes it a prime target for hackers. One particular security vulnerability found in the Linux kernel could lead to denial-of-service (DoS) attacks, while another flaw enables attackers to eavesdrop on traffic between two hosts by exploiting privilege escalation flaws.

References

Subscribe to CVE.news
Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
jamie@example.com
Subscribe