CVE-2022-49883

Published: May 1, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: smm: number of GPRs in the SMRAM image depends on the image format On 64 bit host, if the guest doesn't have X86_FEATURE_LM, KVM will access 16 gprs to 32-bit smram image, causing out-ouf-bound ram access. On 32 bit host, the rsm_load_state_64/enter_smm_save_state_64 is compiled out, thus access overflow can't happen.

Vendor	Product	Versions
Linux	Linux	affected `b443183a25ab61840a12de92f8822849e017b9c8 - < a7ebfbea0f52550d7cdf12c38f3f5eaa7b2b6494` affected `b443183a25ab61840a12de92f8822849e017b9c8 - < 696db303e54f7352623d9f640e6c51d8fa9d5588`
Linux	Linux	affected `6.0` unaffected `0 - < 6.0` unaffected `6.0.8 - <= 6.0.` unaffected `6.1 - <= `

References

https://git.kernel.org/stable/c/a7ebfbea0f52550d7cdf12c38f3f5eaa7b2b6494

https://git.kernel.org/stable/c/696db303e54f7352623d9f640e6c51d8fa9d5588

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-49883

Description

Affected Products

References