Published: 21/01/2022 Updated: 28/01/2022

CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 4.4 | Impact Score: 3.6 | Exploitability Score: 0.8

VMScore: 437

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C

A vulnerability was found in the Linux kernel's KVM subsystem in arch/x86/kvm/lapic.c kvm_free_lapic when a failure allocation was detected. In this flaw the KVM subsystem may crash the kernel due to mishandling of memory errors that happens during VCPU construction, which allows an attacker with special user privilege to cause a denial of service. This flaw affects kernel versions before 5.15 rc7.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel
linux linux kernel 5.15

CVE-2021-4034简单优化，以应对没有安装gcc和make的目标环境

CVE-2021-4032-NoGCC Test in: Ubuntu 20043 LTS Kali 20214a CentOS Linux release 751804 Use: 1:interactive shell /cve-2021-4034-poc-x64 2:one-liner /cve-2021-4034-poc-x64 "cat /etc/shadow"

CVE-2021-4034简单优化，以应对没有安装gcc和make的目标环境

CVE-2021-4032-NoGCC Test in: Ubuntu 20043 LTS Kali 20214a CentOS Linux release 751804 Use: 1:interactive shell /cve-2021-4034-poc-x64 2:one-liner /cve-2021-4034-poc-x64 "cat /etc/shadow"

CWE-459 https://bugzilla.redhat.com/show_bug.cgi?id=2027403 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f7d8a19f9a056a05c5c509fa65af472a322abfee https://lkml.org/lkml/2021/9/8/587 https://nvd.nist.gov https://github.com/EstamelGG/CVE-2021-4034-NoGCC

CVE-2021-4032

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect