Vulnerability Description
An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 5.4, < 5.4.226 |
Related Weaknesses (CWE)
References
- https://bugzilla.redhat.com/show_bug.cgi?id=2147572Issue TrackingPatchThird Party Advisory
- https://security.netapp.com/advisory/ntap-20230309-0004/Third Party Advisory
- https://www.openwall.com/lists/oss-security/2022/11/30/1Mailing ListThird Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2147572Issue TrackingPatchThird Party Advisory
- https://security.netapp.com/advisory/ntap-20230309-0004/Third Party Advisory
- https://www.openwall.com/lists/oss-security/2022/11/30/1Mailing ListThird Party Advisory
FAQ
What is CVE-2022-4139?
CVE-2022-4139 is a vulnerability with a CVSS score of 7.8 (HIGH). An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the syst...
How severe is CVE-2022-4139?
CVE-2022-4139 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-4139?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.