Vulnerability in Linux Kernel's KVM SEV API Allows Host Kernel Crash via Confidential Guest VM Instance

Vulnerability in Linux Kernel's KVM SEV API Allows Host Kernel Crash via Confidential Guest VM Instance

CVE-2022-0171 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization (SEV).

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.