UBUNTU-CVE-2022-48943

HIGH7.8

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: make apf token non-zero to fix bug In current async pagefault logic, when a page is ready, KVM relies on kvm_arch_can_

Published Aug 22, 2024

Modified 2 months ago

Fix available

Details

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: make apf token non-zero to fix bug In current async pagefault logic, when a page is ready, KVM relies on kvm_arch_can_dequeue_async_page_present() to determine whether to deliver a READY event to the Guest. This function test token value of struct kvm_vcpu_pv_apf_data, which must be reset to zero by Guest kernel when a READY event is finished by Guest. If value is zero meaning that a READY event is done, so the KVM can deliver another. But the kvm_arch_setup_async_pf() may produce a valid token with zero value, which is confused with previous mention and may lead the loss of this READY event. This bug may cause task blocked forever in Guest: INFO: task stress:7532 blocked for more than 1254 seconds. Not tainted 5.10.0 #16 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:stress state:D stack: 0 pid: 7532 ppid: 1409 flags:0x00000080 Call Trace: __schedule+0x1e7/0x650 schedule+0x46/0xb0 kvm_async_pf_task_wait_schedule+0xad/0xe0 ? exit_to_user_mode_prepare+0x60/0x70 __kvm_handle_async_pf+0x4f/0xb0 ? asm_exc_page_fault+0x8/0x30 exc_page_fault+0x6f/0x110 ? asm_exc_page_fault+0x8/0x30 asm_exc_page_fault+0x1e/0x30 RIP: 0033:0x402d00 RSP: 002b:00007ffd31912500 EFLAGS: 00010206 RAX: 0000000000071000 RBX: ffffffffffffffff RCX: 00000000021a32b0 RDX: 000000000007d011 RSI: 000000000007d000 RDI: 00000000021262b0 RBP: 00000000021262b0 R08: 0000000000000003 R09: 0000000000000086 R10: 00000000000000eb R11: 00007fefbdf2baa0 R12: 0000000000000000 R13: 0000000000000002 R14: 000000000007d000 R15: 0000000000001000

Affected Packages(132 packages)

linux-hwe-edge

Ubuntu 16.04 LTS

Affected versions:

4.10.0-14.16~16.04.14.10.0-19.21~16.04.14.10.0-20.22~16.04.14.10.0-21.23~16.04.14.10.0-22.24~16.04.14.10.0-24.28~16.04.14.10.0-26.30~16.04.14.11.0-13.19~16.04.14.11.0-14.20~16.04.14.13.0-16.19~16.04.3+13 more

linux-aws-5.0

Ubuntu 18.04 LTS

Affected versions:

5.0.0-1021.24~18.04.15.0.0-1022.25~18.04.15.0.0-1023.26~18.04.15.0.0-1024.27~18.04.15.0.0-1025.285.0.0-1027.30

linux-aws-5.3

Ubuntu 18.04 LTS

Affected versions:

5.3.0-1016.17~18.04.15.3.0-1017.18~18.04.15.3.0-1019.21~18.04.15.3.0-1023.25~18.04.15.3.0-1028.30~18.04.15.3.0-1030.32~18.04.15.3.0-1032.34~18.04.25.3.0-1033.355.3.0-1034.365.3.0-1035.37

linux-azure

Ubuntu 18.04 LTS

Affected versions:

4.15.0-1002.24.15.0-1003.34.15.0-1004.44.15.0-1008.84.15.0-1009.94.15.0-1012.124.15.0-1013.134.15.0-1014.144.15.0-1018.184.15.0-1019.19+34 more

linux-azure-5.3

Ubuntu 18.04 LTS

Affected versions:

5.3.0-1007.8~18.04.15.3.0-1008.9~18.04.15.3.0-1009.10~18.04.15.3.0-1010.11~18.04.15.3.0-1012.13~18.04.15.3.0-1013.14~18.04.15.3.0-1016.17~18.04.15.3.0-1018.19~18.04.15.3.0-1019.20~18.04.15.3.0-1020.21~18.04.1+6 more

linux-azure-edge

Ubuntu 18.04 LTS

Affected versions:

4.18.0-1006.6~18.04.14.18.0-1007.7~18.04.14.18.0-1008.8~18.04.15.0.0-1012.12~18.04.2

linux-gcp

Ubuntu 18.04 LTS

Affected versions:

4.15.0-1001.14.15.0-1003.34.15.0-1005.54.15.0-1006.64.15.0-1008.84.15.0-1009.94.15.0-1010.104.15.0-1014.144.15.0-1015.154.15.0-1017.18+28 more

linux-gcp-5.3

Ubuntu 18.04 LTS

Affected versions:

5.3.0-1008.9~18.04.15.3.0-1009.10~18.04.15.3.0-1010.11~18.04.15.3.0-1012.13~18.04.15.3.0-1014.15~18.04.15.3.0-1016.17~18.04.15.3.0-1017.18~18.04.15.3.0-1018.19~18.04.15.3.0-1020.22~18.04.15.3.0-1026.28~18.04.1+3 more

linux-gke-4.15

Ubuntu 18.04 LTS

Affected versions:

4.15.0-1030.324.15.0-1032.344.15.0-1033.354.15.0-1034.364.15.0-1036.384.15.0-1037.394.15.0-1040.424.15.0-1041.434.15.0-1042.444.15.0-1044.46+23 more

linux-gke-5.4

Ubuntu 18.04 LTS

Affected versions:

5.4.0-1025.25~18.04.15.4.0-1027.28~18.04.15.4.0-1029.31~18.04.15.4.0-1030.32~18.04.15.4.0-1032.34~18.04.15.4.0-1033.35~18.04.15.4.0-1035.37~18.04.15.4.0-1036.38~18.04.15.4.0-1037.39~18.04.15.4.0-1039.41~18.04.1+27 more

References

https://git.kernel.org/linus/6f3c1fc53d86d580d8d6d749c4af23705e4f6f79

https://git.kernel.org/stable/c/4c3644b6c96c5daa5149e5abddc07234eea47c7c

https://git.kernel.org/stable/c/62040f5cd7d937de547836e747b6aa8212fec573

https://git.kernel.org/stable/c/6f3c1fc53d86d580d8d6d749c4af23705e4f6f79

https://git.kernel.org/stable/c/72fdfc75d4217b32363cc80def3de2cb3fef3f02

https://ubuntu.com/security/CVE-2022-48943

https://ubuntu.com/security/notices/USN-7121-1

https://ubuntu.com/security/notices/USN-7121-2

https://ubuntu.com/security/notices/USN-7121-3

https://ubuntu.com/security/notices/USN-7122-1

https://ubuntu.com/security/notices/USN-7148-1

https://ubuntu.com/security/notices/USN-7159-1

https://ubuntu.com/security/notices/USN-7159-2

https://ubuntu.com/security/notices/USN-7159-3

https://ubuntu.com/security/notices/USN-7159-4

https://ubuntu.com/security/notices/USN-7159-5

https://ubuntu.com/security/notices/USN-7195-1

https://ubuntu.com/security/notices/USN-7195-2

https://www.cve.org/CVERecord?id=CVE-2022-48943

CVSS Analysis

CVSS v3.1

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

LowAC:L

Privileges Required

LowPR:L

User Interaction

NoneUI:N

Scope

Scope

UnchangedS:U

Impact

Confidentiality

HighC:H

Integrity

HighI:H

Availability

HighA:H

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Upstream

Related

USN-7121-1 USN-7121-2 USN-7121-3 USN-7122-1 USN-7148-1 USN-7159-1 USN-7159-2 USN-7159-3 USN-7159-4 USN-7159-5 USN-7195-1 USN-7195-2

Ecosystems(13)

Ubuntu 16.04 LTS Ubuntu 18.04 LTS Ubuntu 20.04 LTS Ubuntu 22.04 LTS Ubuntu 24.04 LTS

Timeline

PublishedAug 22, 2024

ModifiedJan 14, 2026

UBUNTU-CVE-2022-48943 | Mondoo Vulnerability Intelligence