Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2022-49610
PUBLISHED
More InfoOfficial Page
Assigner-Linux
Assigner Org ID-416baaa9-dc9f-4396-8d5f-8c081fb06d67
View Known Exploited Vulnerability (KEV) details
Published At-26 Feb, 2025 | 02:23
Updated At-11 May, 2026 | 19:03
Rejected At-
▼CVE Numbering Authority (CNA)
KVM: VMX: Prevent RSB underflow before vmenter

In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Prevent RSB underflow before vmenter On VMX, there are some balanced returns between the time the guest's SPEC_CTRL value is written, and the vmenter. Balanced returns (matched by a preceding call) are usually ok, but it's at least theoretically possible an NMI with a deep call stack could empty the RSB before one of the returns. For maximum paranoia, don't allow *any* returns (balanced or otherwise) between the SPEC_CTRL write and the vmenter. [ bp: Fix 32-bit build. ]

Affected Products
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • arch/x86/kernel/asm-offsets.c
  • arch/x86/kernel/cpu/bugs.c
  • arch/x86/kvm/vmx/capabilities.h
  • arch/x86/kvm/vmx/vmenter.S
  • arch/x86/kvm/vmx/vmx.c
  • arch/x86/kvm/vmx/vmx.h
  • arch/x86/kvm/vmx/vmx_ops.h
Default Status
unaffected
Versions
Affected
  • From d28b387fb74da95d69d2615732f50cceb38e9a4d before afd743f6dde87296c6f3414706964c491bb85862 (git)
  • From d28b387fb74da95d69d2615732f50cceb38e9a4d before 07853adc29a058c5fd143c14e5ac528448a72ed9 (git)
  • 44491a23b73789c0a914af4ea55ccf8968adf90b (git)
  • fc6aae9f407810cb153a9133c28735871f9f0a16 (git)
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • arch/x86/kernel/asm-offsets.c
  • arch/x86/kernel/cpu/bugs.c
  • arch/x86/kvm/vmx/capabilities.h
  • arch/x86/kvm/vmx/vmenter.S
  • arch/x86/kvm/vmx/vmx.c
  • arch/x86/kvm/vmx/vmx.h
  • arch/x86/kvm/vmx/vmx_ops.h
Default Status
affected
Versions
Affected
  • 4.16
Unaffected
  • From 0 before 4.16 (semver)
  • From 5.18.14 through 5.18.* (semver)
  • From 5.19 through * (original_commit_for_fix)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://git.kernel.org/stable/c/afd743f6dde87296c6f3414706964c491bb85862
N/A
https://git.kernel.org/stable/c/07853adc29a058c5fd143c14e5ac528448a72ed9
N/A
Hyperlink: https://git.kernel.org/stable/c/afd743f6dde87296c6f3414706964c491bb85862
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/07853adc29a058c5fd143c14e5ac528448a72ed9
Resource: N/A
Details not found