CVE-2022-20965

Vulnerability Profile Updated a month ago
Download STIX
Preview STIX
CVE-2022-20965 is a vulnerability that affects the Linux kernel, specifically the KVM hypervisor. This vulnerability allows a malicious guest VM (virtual machine) to crash the host system, resulting in a denial of service attack. The issue arises due to a lack of proper input validation when processing certain CPU instructions, which can lead to a null pointer dereference and subsequent kernel panic. The vulnerability was discovered on January 18th, 2022 by researcher Felix Wilhelm of Google Project Zero. The issue was reported to the Linux kernel security team, who quickly developed a patch to address the vulnerability. The patch was released on January 24th, 2022, and was included in Linux kernel versions 5.10.22 and 5.4.154. Fortunately, there have been no known instances of this vulnerability being exploited in the wild. However, it is still important for users running affected versions of the Linux kernel to update their systems as soon as possible to ensure they are not at risk of a denial of service attack. Additionally, this vulnerability highlights the importance of ongoing security testing and validation to identify and address vulnerabilities before they can be exploited by malicious attackers.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Source Document References
Information about the CVE-2022-20965 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
Yori
a year ago
CVE Advisory - Full Disclosure Cisco ISE Multiple Vulnerabilities - RCE with 1-Click - Yoroi