{"id":"CVE-2019-7222","details":"The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak.","modified":"2026-04-16T01:44:31.794240162Z","published":"2019-03-21T16:01:11.127Z","related":["SUSE-SU-2019:0541-1","SUSE-SU-2019:0765-1","SUSE-SU-2019:0767-1","SUSE-SU-2019:0784-1","SUSE-SU-2019:0785-1","SUSE-SU-2019:0828-1","SUSE-SU-2019:0901-1","SUSE-SU-2019:1289-1","SUSE-SU-2019:13979-1","openSUSE-SU-2019:0203-1","openSUSE-SU-2024:10728-1","openSUSE-SU-2024:13704-1"],"database_specific":{"unresolved_ranges":[{"cpe":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","extracted_events":[{"last_affected":"12.04"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","extracted_events":[{"last_affected":"14.04"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","extracted_events":[{"last_affected":"16.04"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","extracted_events":[{"last_affected":"18.04"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"18.10"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"8.0"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"28"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"29"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"4.20.5"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"15.0"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"8.0"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"7.0"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"8.1"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"8.2"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"8.4"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"8.6"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:redhat:enterprise_linux_for_real_time:7:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"7"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:redhat:enterprise_linux_for_real_time:8:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"8"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:7:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"7"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.2:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"8.2"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.4:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"8.4"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.6:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"8.6"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.2:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"8.2"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.4:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"8.4"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.6:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"8.6"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"7.0"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"8.2"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"8.4"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"8.6"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"8.2"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"8.4"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"8.6"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"7.0"}],"source":"CPE_FIELD"},{"extracted_events":[{"fixed":"4.20.5"}],"source":"DESCRIPTION"}]},"references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KDOXCX3QFVWYXH5CQMGDDE7H6MUG5XGG/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y2HMABEMJDPA6LPCBE5WIEZXUKY7DLTN/"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00042.html"},{"type":"ADVISORY","url":"http://packetstormsecurity.com/files/151712/KVM-kvm_inject_page_fault-Uninitialized-Memory-Leak.html"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/106963"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:2029"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:2043"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:3309"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:3517"},{"type":"ADVISORY","url":"https://github.com/torvalds/linux/commits/master/arch/x86/kvm"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20190404-0002/"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3930-1/"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3930-2/"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3931-1/"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3931-2/"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3932-1/"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3932-2/"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3933-1/"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3933-2/"},{"type":"FIX","url":"http://www.openwall.com/lists/oss-security/2019/02/18/2"},{"type":"FIX","url":"https://bugs.chromium.org/p/project-zero/issues/detail?id=1759"},{"type":"FIX","url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=353c0956a618a07ba4bbe7ad00ff29fe70e8412a"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git","events":[{"introduced":"0"},{"fixed":"353c0956a618a07ba4bbe7ad00ff29fe70e8412a"}],"database_specific":{"source":"REFERENCES"}}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-7222.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}]}