CVE-2022-49883
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
01/05/2025
Last modified:
02/05/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
KVM: x86: smm: number of GPRs in the SMRAM image depends on the image format<br />
<br />
On 64 bit host, if the guest doesn&#39;t have X86_FEATURE_LM, KVM will<br />
access 16 gprs to 32-bit smram image, causing out-ouf-bound ram<br />
access.<br />
<br />
On 32 bit host, the rsm_load_state_64/enter_smm_save_state_64<br />
is compiled out, thus access overflow can&#39;t happen.