PT-2021-6074 · Linux+10 · Linux Kernel+10

Maxim Levitsky

+1

·

Published

2021-08-16

·

Updated

2024-06-15

·

CVE-2021-3656

CVSS v3.1

8.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The issue occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the virt ext field, this issue could allow a malicious L1 to disable both VMLOAD/VMSAVE intercepts and VLS (Virtual VMLOAD/VMSAVE) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data, or potential guest-to-host escape.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Missing Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-862CWE-264

Related Identifiers

ALSA-2021:4056
ALT-PU-2021-2564
ALT-PU-2021-2640
ALT-PU-2021-2643
ALT-PU-2021-2644
ALT-PU-2021-2658
ALT-PU-2021-2659
ALT-PU-2021-2661
ALT-PU-2021-2662
ALT-PU-2021-2672
ALT-PU-2021-2677
ALT-PU-2021-2678
ALT-PU-2021-2691
ALT-PU-2021-2737
ALT-PU-2021-2748
ALT-PU-2021-2751
ALT-PU-2021-2901
ALT-PU-2021-2985
ALT-PU-2021-2986
ALT-PU-2021-2989
ALT-PU-2021-2990
ALT-PU-2021-2996
ALT-PU-2021-3000
ALT-PU-2021-3002
ALT-PU-2021-3007
ALT-PU-2021-3015
ALT-PU-2021-3021
ALT-PU-2021-3022
ALT-PU-2021-3067
ALT-PU-2021-3477
ALT-PU-2021-3563
ALT-PU-2021-3573
ALT-PU-2022-1240
ALT-PU-2022-2096
ALT-PU-2023-4894
BDU:2022-00683
CESA-2021_3801
CESA-2021_4056
CESA-2021_4088
CVE-2021-3656
DLA-2785-1
DSA-4978-1
LSN-0081-1
MGASA-2021-0409
MGASA-2021-0410
OESA-2022-1940
OPENSUSE-SU-2021:1271-1
OPENSUSE-SU-2021:3179-1
OPENSUSE-SU-2021:3205-1
OPENSUSE-SU-2021:3876-1
OPENSUSE-SU-2021_1271-1
OPENSUSE-SU-2021_3179-1
OPENSUSE-SU-2021_3205-1
OPENSUSE-SU-2021_3876-1
OPENSUSE-SU-2024:10728-1
OPENSUSE-SU-2024:13704-1
RHSA-2021:3676
RHSA-2021:3801
RHSA-2021:3802
RHSA-2021:3812
RHSA-2021:3904
RHSA-2021:3909
RHSA-2021:3987
RHSA-2021:4056
RHSA-2021:4088
RHSA-2021_3801
RHSA-2021_3802
RHSA-2021_4056
RHSA-2021_4088
RLSA-2021:4056
RLSA-2021:4088
SUSE-SU-2021:3073-1
SUSE-SU-2021:3177-1
SUSE-SU-2021:3178-1
SUSE-SU-2021:3179-1
SUSE-SU-2021:3192-1
SUSE-SU-2021:3205-1
SUSE-SU-2021:3205-2
SUSE-SU-2021:3206-1
SUSE-SU-2021:3207-1
SUSE-SU-2021:3217-1
SUSE-SU-2021:3415-1
SUSE-SU-2021:3876-1
SUSE-SU-2021:3969-1
SUSE-SU-2021:3972-1
USN-5070-1
USN-5071-1
USN-5071-2
USN-5072-1
USN-5073-1
USN-5073-2
USN-5082-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu