Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.6
CVSSv2

CVE-2021-22543

Published: 26/05/2021 Updated: 09/11/2023
CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 410
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Linux Kernel

Vulnerability Summary

An issue exists in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel 2021-05-18

fedoraproject fedora 33

fedoraproject fedora 34

debian debian linux 9.0

netapp h410c_firmware -

netapp h300s_firmware -

netapp h500s_firmware -

netapp h700s_firmware -

netapp h300e_firmware -

netapp h500e_firmware -

netapp h700e_firmware -

netapp h410s_firmware -

netapp cloud backup -

netapp solidfire baseboard management controller firmware -

Vendor Advisories

Red Hat: Important: kernel security update
Synopsis Important: kernel security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel is now available for Red Hat Enterprise Linux 6 Extended Lifecycle SupportRed Hat Product Security has rated ...
Amazon Linux AMI: ALAS-2021-1539
A flaw was found in the Linux kernel When reusing a socket with an attached dccps_hc_tx_ccid as a listener, the socket will be used after being released leading to denial of service (DoS) or a potential code execution The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability (CVE-2020-1611 ...
Red Hat: CVE-2021-22543
An issue was discovered in the Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest This allows users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation ...
Amazon Linux 2: ALAS2KERNEL-5.4-2022-004
A flaw was found in the Linux kernels implementation of wifi fragmentation handling An attacker with the ability to transmit within the wireless transmission range of an access point can abuse a flaw where previous contents of wifi fragments can be unintentionally transmitted to another device (CVE-2020-24586) A flaw was found in the Linux kernel ...
Amazon Linux 2: ALAS2-2021-1699
A flaw was found in the Linux kernel's KVM implementation, where improper handing of the VM_IO|VM_PFNMAP VMAs in KVM bypasses RO checks and leads to pages being freed while still accessible by the VMM and guest This flaw allows users who can start and control a VM to read/write random pages of memory, resulting in local privilege escalation The h ...
Amazon Linux 2: ALAS2KERNEL-5.10-2022-002
A flaw was found in the Linux kernels implementation of wifi fragmentation handling An attacker with the ability to transmit within the wireless transmission range of an access point can abuse a flaw where previous contents of wifi fragments can be unintentionally transmitted to another device (CVE-2020-24586) A flaw was found in the Linux kernel ...
Arch Linux Issues:
An issue was discovered in the Linux KVM· through Improper handling of VM_IO|VM_PFNMAP, vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest This allows users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation ...

Mailing Lists

Full Disclosure: Re: CVE-2021-22543 - /dev/kvm LPE
<!--X-Body-Begin--> <!--X-User-Header--> oss-sec mailing list archives <!--X-User-Header-End--> <!--X-TopPNI--> By Date By Thread </form> <!--X-TopPNI-End--> <!--X-MsgBody--> <!--X-Subject-Header-Begin--> Re: CVE-2021-22543 - /dev/kvm LPE <!--X-Subject-Header-End--> <!--X-Head-of-Message--> From: Solar Designer &lt;solar () ope ...
Full Disclosure: Re: CVE-2021-22543 - /dev/kvm LPE
<!--X-Body-Begin--> <!--X-User-Header--> oss-sec mailing list archives <!--X-User-Header-End--> <!--X-TopPNI--> By Date By Thread </form> <!--X-TopPNI-End--> <!--X-MsgBody--> <!--X-Subject-Header-Begin--> Re: CVE-2021-22543 - /dev/kvm LPE <!--X-Subject-Header-End--> <!--X-Head-of-Message--> From: Paolo Bonzini &lt;pbonzini () r ...
Full Disclosure: CVE-2021-22543 - /dev/kvm LPE
<!--X-Body-Begin--> <!--X-User-Header--> oss-sec mailing list archives <!--X-User-Header-End--> <!--X-TopPNI--> By Date By Thread </form> <!--X-TopPNI-End--> <!--X-MsgBody--> <!--X-Subject-Header-Begin--> CVE-2021-22543 - /dev/kvm LPE <!--X-Subject-Header-End--> <!--X-Head-of-Message--> From: "Eduardo' Vela\" &lt;Nava&gt;" &lt; ...
Full Disclosure: Re: CVE-2021-22543 - /dev/kvm LPE
<!--X-Body-Begin--> <!--X-User-Header--> oss-sec mailing list archives <!--X-User-Header-End--> <!--X-TopPNI--> By Date By Thread </form> <!--X-TopPNI-End--> <!--X-MsgBody--> <!--X-Subject-Header-Begin--> Re: CVE-2021-22543 - /dev/kvm LPE <!--X-Subject-Header-End--> <!--X-Head-of-Message--> From: "Eduardo' Vela\" &lt;Nava&gt;" ...

References

CWE-119https://github.com/google/security-research/security/advisories/GHSA-7wq5-phmq-m584http://www.openwall.com/lists/oss-security/2021/06/26/1https://security.netapp.com/advisory/ntap-20210708-0002/https://lists.debian.org/debian-lts-announce/2021/10/msg00010.htmlhttps://lists.debian.org/debian-lts-announce/2021/12/msg00012.htmlhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4G5YBUVEPHZYXMKNGBZ3S6INFCTEEL4E/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ROQIXQB7ZAWI3KSGSHR6H5RDUWZI775S/https://access.redhat.com/errata/RHSA-2022:5640https://nvd.nist.govhttps://alas.aws.amazon.com/ALAS-2021-1539.html
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27975CVE-2024-2961CVE-2024-20380XML injectionHTML injectionCVE-2024-29204CVE-2023-51795memory leakCVE-2024-3470
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook