ASB-A-245869446
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-245869446.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-245869446
- Aliases
-
- A-245869446
- CVE-2022-39189
- Published
- 2023-02-01T00:00:00Z
- Modified
- 2025-12-01T16:34:43.995810Z
- Summary
- [none]
- Details
-
In multiple functions of many files, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / :linux_kernel:
Package
- Name
- :linux_kernel:
Ecosystem specific
{
"fixes": [
"https://android.googlesource.com/kernel/common/+/0be362f248a062b0c57b24bd16250e48aca1258b"
],
"types": [
"EoP"
],
"severity": "High",
"vanir_signatures": [
{
"id": "ASB-A-245869446-1b08df49",
"target": {
"file": "arch/x86/kvm/x86.c",
"function": "kvm_steal_time_set_preempted"
},
"digest": {
"function_hash": "38604489406231837717793669152131606938",
"length": 755.0
},
"deprecated": false,
"signature_type": "Function",
"source": "https://android.googlesource.com/kernel/common/+/0be362f248a062b0c57b24bd16250e48aca1258b",
"signature_version": "v1"
},
{
"id": "ASB-A-245869446-4e113419",
"target": {
"file": "arch/x86/kvm/vmx/vmx.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"59692480275264766853165137104156426228",
"214353513911615457213562912492860417937",
"273877541879068920260347504933113745277",
"15798145667535997922991764239401250078"
]
},
"deprecated": false,
"signature_type": "Line",
"source": "https://android.googlesource.com/kernel/common/+/0be362f248a062b0c57b24bd16250e48aca1258b",
"signature_version": "v1"
},
{
"id": "ASB-A-245869446-5374c6e8",
"target": {
"file": "arch/x86/kvm/vmx/vmx.c",
"function": "handle_external_interrupt_irqoff"
},
"digest": {
"function_hash": "165481017018219247378593075874815406330",
"length": 333.0
},
"deprecated": false,
"signature_type": "Function",
"source": "https://android.googlesource.com/kernel/common/+/0be362f248a062b0c57b24bd16250e48aca1258b",
"signature_version": "v1"
},
{
"id": "ASB-A-245869446-bb6c2651",
"target": {
"file": "arch/x86/kvm/x86.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"77013427174380958763618251436307309217",
"260912490785269495300238009067040999760",
"27048756297649844329325457963885708573",
"214724014562384713343912824674964654335",
"305645830347182943102607156739301999758",
"195355178703760701337862641816984625414",
"302809168331074603663963560945904877504",
"221736838959360489411131341271589814399",
"137936098070211798298446521327929481847",
"280460129927042103704893367658740007798",
"195828335554372007478403600861262374234"
]
},
"deprecated": false,
"signature_type": "Line",
"source": "https://android.googlesource.com/kernel/common/+/0be362f248a062b0c57b24bd16250e48aca1258b",
"signature_version": "v1"
},
{
"id": "ASB-A-245869446-c5347606",
"target": {
"file": "arch/x86/kvm/x86.c",
"function": "vcpu_run"
},
"digest": {
"function_hash": "33828916803657510720769090657283268307",
"length": 799.0
},
"deprecated": false,
"signature_type": "Function",
"source": "https://android.googlesource.com/kernel/common/+/0be362f248a062b0c57b24bd16250e48aca1258b",
"signature_version": "v1"
},
{
"id": "ASB-A-245869446-e2250a01",
"target": {
"file": "arch/x86/include/asm/kvm_host.h"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"27455215021659110276612552094316477814",
"32679905025671916597419488091600971837",
"261160318527586754838829020256618233405",
"163987717602089840069875587587559850486",
"337327902055208212947137973516695178292",
"250204395601394085695912527180843271660",
"177798265508470921274907416937320593741",
"146010721565448674377621111995655250043"
]
},
"deprecated": false,
"signature_type": "Line",
"source": "https://android.googlesource.com/kernel/common/+/0be362f248a062b0c57b24bd16250e48aca1258b",
"signature_version": "v1"
},
{
"id": "ASB-A-245869446-f6ae6194",
"target": {
"file": "arch/x86/kvm/svm/svm.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"319180214301471377585150049024309308330",
"50373122713968120405096298349158498297",
"262696856476674390061976107357942042546",
"335269534060379695117872965537878128774"
]
},
"deprecated": false,
"signature_type": "Line",
"source": "https://android.googlesource.com/kernel/common/+/0be362f248a062b0c57b24bd16250e48aca1258b",
"signature_version": "v1"
}
],
"spl": "2023-02-05"
}