CVE-2022-26966 An issue was discovered in the Linux kernel before 5.16.12

CVE-2022-26966 An issue was discovered in the Linux kernel before 5.16.12

The issue exists due to incorrect calculation of data lengths for an endpoint descriptor. An attacker can exploit this to determine the length of buffers in memory. An issue was discovered in the Linux kernel before 5.16.12. drivers/net/usb/sr9700.c allows attackers to obtain sensitive information from heap memory via crafted frame lengths from a device. The issue exists due to incorrect calculation of data lengths for an endpoint descriptor. An attacker can exploit this to determine the length of buffers in memory. An issue was discovered in the Linux kernel before 5.16.12. KVM/svm.c mishandles certain reports with VMX/VMCB instructions combinations within the virtual address space. An attacker can exploit this to cause a denial of service (memory corruption and/or panic). An issue was discovered in the Linux kernel before 5.16.12. KVM/svm.c mishandles certain reports with VMX/VMCB instructions combinations within the virtual address space. An attacker can exploit this to cause a denial of service (memory corruption and/or panic). An issue was discovered in the Linux kernel before 5.16.12. KVM/svm.c mishandles certain reports with VMX/VMCB instructions combinations within the virtual address space. An attacker can exploit this to cause a denial of service (memory corruption and/or panic). An issue was discovered in the Linux kernel before 5.16.12. KVM/s

SUMMARY

If you're using Linux, you may want to disable a certain feature.
The issue exists due to incorrect calculation of data lengths for an endpoint descriptor. An attacker can exploit this to determine the length of buffers in memory.
An issue was discovered in the Linux kernel before 5.16.12. drivers/net/usb/sr9700.c allows attackers to obtain sensitive information from heap memory via crafted frame lengths from a device. The issue exists due to incorrect calculation of data lengths for an endpoint descriptor. An attacker can exploit this to determine the length of buffers in memory.

Technical Description

The issue exists due to incorrect calculation of data lengths for an endpoint descriptor. An attacker can exploit this to determine the length of buffers in memory.
An issue was discovered in the Linux kernel before 5.16.12. KVM/svm.c mishandles certain reports with VMX/VMCB instructions combinations within the virtual address space. An attacker can exploit this to cause a denial of service (memory corruption and/or panic).

References

Subscribe to CVE.news
Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
jamie@example.com
Subscribe