CVE-2022-1789
MEDIUM
Linux Kernel < 5.8 - NULL Pointer Dereference via INVPCID Instruction with CR0.PG=0
Title source: llm
Description
With shadow paging enabled, the INVPCID instruction results in a call to kvm_mmu_invpcid_gva. If INVPCID is executed with CR0.PG=0, the invlpg callback is not set and the result is a NULL pointer dereference.
References (7)
Core References
Not Applicable x_refsource_misc
https://francozappa.github.io/about-bias/
Not Applicable x_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=1832397
Not Applicable x_refsource_misc
https://kb.cert.org/vuls/id/647177/
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBUOQTNTQ4ZCXHOCNKYIL2ZUIAZ675RD/
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KCEAPIVPRTJHKPF2A2HVF5XHD5XJT3MN/
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H6JP355XFVAB33X4BNO3ERVTURFYEDB7/
Third Party Advisory vendor-advisory
x_refsource_debian
https://www.debian.org/security/2022/dsa-5161
Scores
CVSS v3
6.8
EPSS
0.0002
EPSS Percentile
4.7%
Attack Vector
PHYSICAL
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-476
Status
published
Products (6)
debian/debian_linux
11.0
fedoraproject/fedora
34
fedoraproject/fedora
35
fedoraproject/fedora
36
linux/linux_kernel
< 5.8
redhat/enterprise_linux
9.0
Published
Jun 02, 2022
Tracked Since
Feb 18, 2026