Risk
Low
Patch available
YES
Number of vulnerabilities
7
CVE-ID
CVE-2020-36310CVE-2022-0001CVE-2022-0002CVE-2022-0487CVE-2022-0492CVE-2022-0617CVE-2022-25636
CWE-ID
CWE-835CWE-200CWE-416CWE-264CWE-476CWE-122
Exploitation vector
Local
Public exploit
Public exploit code for vulnerability #4 is available.Public exploit code for vulnerability #5 is available.Public exploit code for vulnerability #7 is available.
Vulnerable softwareSubscribe
linux (Debian package)Operating systems & Components / Operating system package or component
Vendor
Debian
Security Bulletin
This security bulletin contains information about 7 vulnerabilities.
1) Infinite loop
EUVDB-ID: #VU61272
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-36310
CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Exploit availability: No
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop in set_memory_region_test in arch/x86/kvm/svm/svm.c. A local user ..
Support the originator by clicking the read the rest link below.
