Vulnerability Name: | CVE-2022-3707 (CCN-249364) | ||||||||||||||||
Assigned: | 2022-10-07 | ||||||||||||||||
Published: | 2022-10-07 | ||||||||||||||||
Updated: | 2023-05-03 | ||||||||||||||||
Summary: | Linux Kernel is vulnerable to a denial of service, caused by a double-free memory flaw in the intel_gvt_dma_map_guest_page function. By sending a specially-crafted request, a local authenticated attacker could exploit this vulnerability to cause the system to crash. | ||||||||||||||||
CVSS v3 Severity: | 5.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) 4.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
4.8 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
| ||||||||||||||||
CVSS v2 Severity: | 4.6 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:N/I:N/A:C)
| ||||||||||||||||
Vulnerability Consequences: | Denial of Service | ||||||||||||||||
References: | Source: MITRE Type: CNA CVE-2022-3707 Source: XF Type: UNKNOWN linux-kernel-cve20223707-dos(249364) Source: CCN Type: Linux Kernel GIT Repository drm/i915/gvt: fix double free bug in split_2MB_gtt_entry | ||||||||||||||||
Vulnerable Configuration: | Configuration CCN 1:![]() | ||||||||||||||||
Oval Definitions | |||||||||||||||||
| |||||||||||||||||
BACK |