PT-2021-23017 · Kvm+6 · Kvm+6

Guilherme De Almeida Suckevicz

Published

2021-11-03

Updated

2023-08-14

CVE-2021-4093

CVSS v3.1

8.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions KVM (affected versions not specified)

Description A flaw was found in the KVM's AMD code for supporting the Secure Encrypted Virtualization-Encrypted State (SEV-ES). A KVM guest using SEV-ES can trigger out-of-bounds reads and writes in the host kernel via a malicious VMGEXIT for a string I/O instruction (for example, outs or ins) using the exit reason SVM EXIT IOIO. This issue results in a crash of the entire system or a potential guest-to-host escape scenario.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Out of bounds Read

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125CWE-787

Related Identifiers

ALT-PU-2021-3220

ALT-PU-2021-3232

ALT-PU-2021-3270

ALT-PU-2021-3563

ALT-PU-2021-3573

ALT-PU-2023-4894

CESA-2022_1975

CESA-2022_1988

CVE-2021-4093

RHSA-2022:1975

RHSA-2022:1988

RHSA-2022_1975

RHSA-2022_1988

RLSA-2022:1988

USN-5265-1

Affected Products

Alt Linux

Centos

Kvm

Linuxmint

Red Hat

Rocky Linux

Ubuntu

PT-2021-23017 · Kvm+6 · Kvm+6

CVE-2021-4093

Weakness Enumeration

Related Identifiers

Affected Products

References · 79