Published: 29/09/2021 Updated: 16/05/2023

CVSS v2 Base Score: 6.1 | Impact Score: 8.5 | Exploitability Score: 3.9

CVSS v3 Base Score: 8.8 | Impact Score: 6 | Exploitability Score: 2

VMScore: 543

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:C

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "int_ctl" field, this issue could allow a malicious L1 to enable AVIC support (Advanced Virtual Interrupt Controller) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape. This flaw affects Linux kernel versions before 5.14-rc7.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel 5.14
linux linux kernel
redhat enterprise linux 7.0
debian debian linux 9.0

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks CVE-2020-3702 A flaw was found in the driver for Atheros IEEE 80211n family of chipsets (ath9k) allowing information disclosure CVE-2020-16119 Hadar Manor reported a use-after-free in the D ...

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2) Due to improper validation of the &quot;int_ctl&quot; field, this issue could allow a malicious L1 to enable AVIC support (Adv ...

A security issue has been found in the KVM's AMD code for supporting SVM nested virtualization in the Linux kernel before version 51320 This issue is caused by missing validation of the `int_ctl` VMCB field and allows a malicious L1 guest to enable AVIC support (Advanced Virtual Interrupt Controller) for the L2 guest The L2 guest is able to wri ...

A flaw was found in the Linux kernel's implementation of wireless drivers using the Atheros chipsets An attacker within wireless range could send crafted traffic leading to information disclosure (CVE-2020-3702) A flaw was found in the KVM's AMD code for supporting SVM nested virtualization The flaw occurs when processing the VMCB (virtual mach ...

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2) Due to improper validation of the "int_ctl" field, this issue could allow a malicious L1 to enable AVIC support (Advanced Virtual Inte ...

A flaw was found in the Linux kernel's implementation of wireless drivers using the Atheros chipsets An attacker within wireless range could send crafted traffic leading to information disclosure (CVE-2020-3702) A flaw was found in the KVM's AMD code for supporting SVM nested virtualization The flaw occurs when processing the VMCB (virtual mach ...

CVE-2021-3656: This issue is caused by missing validation of the the virt_ext VMCB field and allows a malicious L1 guest to disable both VMLOAD/VMSAVE intercepts and VLS (Virtual VMLOAD/VMSAVE) for the L2 guest Under these circumstances, the L2 guest is able to run VMLOAD/VMSAVE unintercepted, and thus read/write portions of the host physical memory Setup Environment to acces

CWE-862 https://www.openwall.com/lists/oss-security/2021/08/16/1 https://bugzilla.redhat.com/show_bug.cgi?id=1983686 https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html http://packetstormsecurity.com/files/165477/Kernel-Live-Patch-Security-Notice-LSN-0083-1.html https://nvd.nist.gov https://www.debian.org/security/2021/dsa-4978

CVE-2021-3653

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect