PT-2021-2547 · Linux+2 · Linux Kernel+2

Paolo Bonzini

Published

2020-08-26

Updated

2022-04-18

CVE-2020-36310

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.8

Description: An issue in the Linux kernel allows a set memory region test infinite loop for certain nested page faults. This can be exploited to cause a denial of service.

Recommendations: For Linux kernel versions prior to 5.8, update to version 5.8 or later to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable set memory region test function in arch/x86/kvm/svm/svm.c to minimize the risk of exploitation.

Fix

Infinite Loop

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-835

Related Identifiers

ALT-PU-2020-2688

ALT-PU-2020-2716

ALT-PU-2020-2770

ALT-PU-2020-3210

ALT-PU-2021-1083

ALT-PU-2021-1105

ALT-PU-2021-1621

ALT-PU-2021-1656

ALT-PU-2021-1739

ALT-PU-2021-1862

ALT-PU-2021-1866

ALT-PU-2021-1870

BDU:2021-01954

CVE-2020-36310

DSA-5095-1

OPENSUSE-SU-2021:0579-1

OPENSUSE-SU-2021:0758-1

OPENSUSE-SU-2021:1975-1

OPENSUSE-SU-2021:1977-1

OPENSUSE-SU-2021_0579-1

OPENSUSE-SU-2021_0758-1

OPENSUSE-SU-2021_1975-1

OPENSUSE-SU-2021_1977-1

SUSE-SU-2021:1211-1

SUSE-SU-2021:1238-1

SUSE-SU-2021:1301-1

SUSE-SU-2021:1572-1

SUSE-SU-2021:1573-1

SUSE-SU-2021:1595-1

SUSE-SU-2021:1596-1

SUSE-SU-2021:1605-1

SUSE-SU-2021:1624-1

SUSE-SU-2021:1625-1

SUSE-SU-2021:1975-1

SUSE-SU-2021:1977-1

Affected Products

Alt Linux

Linux Kernel

Suse

PT-2021-2547 · Linux+2 · Linux Kernel+2

CVE-2020-36310

Weakness Enumeration

Related Identifiers

Affected Products

References · 467