PT-2021-3772 · Linux+10 · Linux Kernel+10

Alexey Kardashevskiy

Published

2021-07-23

Updated

2024-06-15

CVE-2021-37576

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions through 5.13.5

Description The issue allows KVM guest OS users to cause host OS memory corruption via rtas args.nargs. This is related to a potential buffer overflow in the arch/powerpc/kvm/book3s rtas.c driver of the Linux kernel on the powerpc platform.

Recommendations For Linux kernel versions through 5.13.5, consider updating to a version that includes a fix for this issue to prevent host OS memory corruption. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

ALSA-2021:3447

ALT-PU-2021-2377

ALT-PU-2021-2378

ALT-PU-2021-2399

ALT-PU-2021-2415

ALT-PU-2021-2417

ALT-PU-2021-2486

ALT-PU-2021-2493

ALT-PU-2021-2511

ALT-PU-2021-2616

ALT-PU-2021-2671

ALT-PU-2021-2691

ALT-PU-2021-3000

ALT-PU-2021-3002

ALT-PU-2021-3007

ALT-PU-2021-3477

ALT-PU-2021-3563

ALT-PU-2021-3573

ALT-PU-2022-2096

ALT-PU-2023-4894

AZL-6579

BDU:2021-04028

CESA-2021_3436

CESA-2021_3447

CESA-2021_3801

CVE-2021-37576

DLA-2785-1

DSA-4978-1

OESA-2021-1310

OPENSUSE-SU-2021:1142-1

OPENSUSE-SU-2021:2645-1

OPENSUSE-SU-2021:2687-1

OPENSUSE-SU-2021:3876-1

OPENSUSE-SU-2021_1142-1

OPENSUSE-SU-2021_2645-1

OPENSUSE-SU-2021_2687-1

OPENSUSE-SU-2021_3876-1

OPENSUSE-SU-2024:10728-1

OPENSUSE-SU-2024:13704-1

RHSA-2021:3436

RHSA-2021:3442

RHSA-2021:3443

RHSA-2021:3444

RHSA-2021:3446

RHSA-2021:3447

RHSA-2021:3725

RHSA-2021:3766

RHSA-2021:3768

RHSA-2021:3801

RHSA-2021:3812

RHSA-2021:3814

RHSA-2021:3987

RHSA-2021:4000

RHSA-2021_3447

RHSA-2021_3801

RLSA-2021:3447

SUSE-SU-2021:2643-1

SUSE-SU-2021:2644-1

SUSE-SU-2021:2645-1

SUSE-SU-2021:2646-1

SUSE-SU-2021:2647-1

SUSE-SU-2021:2678-1

SUSE-SU-2021:2687-1

SUSE-SU-2021:2695-1

SUSE-SU-2021:2746-1

SUSE-SU-2021:2756-1

SUSE-SU-2021:2842-1

SUSE-SU-2021:2846-1

SUSE-SU-2021:3876-1

SUSE-SU-2021:3929-1

SUSE-SU-2021:3935-1

SUSE-SU-2021:3969-1

SUSE-SU-2021:3972-1

USN-5091-1

USN-5091-3

USN-5092-1

USN-5092-2

USN-5092-3

USN-5094-1

Affected Products

Alt Linux

Almalinux

Astra Linux

Centos

Linuxmint

Linux Kernel

Red Hat

Red Os

Rocky Linux

Suse

Ubuntu

PT-2021-3772 · Linux+10 · Linux Kernel+10

CVE-2021-37576

Weakness Enumeration

Related Identifiers

Affected Products

References · 575