CVE-2021-4032

🗓️ 21 Jan 2022 18:17:29Reported by redhatType

Vulnerability in Linux kernel's KVM subsystem in arch/x86/kvm/lapic.c kvm_free_lapi

Reporter	Title	Published	Views	Family All 212
GithubExploit	Exploit for Out-of-bounds Write in Polkit_Project Polkit	28 Jan 202202:54	–	githubexploit
GithubExploit	Exploit for Incomplete Cleanup in Linux Linux_Kernel	28 Jan 202202:54	–	githubexploit
CBLMariner	CVE-2021-4032 affecting package kernel 5.10.189.1-1	10 Mar 202223:47	–	cbl_mariner
CNNVD	Linux kernel 安全漏洞	21 Jan 202200:00	–	cnnvd
CNVD	Linux kernel denial-of-service vulnerability (CNVD-2022-07641)	25 Jan 202200:00	–	cnvd
Cvelist	CVE-2021-4032	21 Jan 202218:17	–	cvelist
Debian CVE	CVE-2021-4032	21 Jan 202218:17	–	debiancve
EUVD	EUVD-2021-33933	3 Oct 202520:07	–	euvd
Microsoft CVE	A vulnerability was found in the Linux kernel's KVM subsystem in arch/x86/kvm/lapic.c kvm_free_lapic when a failure allocation was detected. In this flaw the KVM subsystem may crash the kernel due to mishandling of memory errors that happens during VCPU construction which allows an attacker with special user privilege to cause a denial of service. This flaw affects kernel versions prior to 5.15 rc7.	29 Jan 202208:00	–	mscve
NVD	CVE-2021-4032	21 Jan 202219:15	–	nvd

NVD

Vulners

Node

linux linux_kernelRange≤5.14

linux linux_kernelMatch5.15-

linux linux_kernelMatch5.15rc1

linux linux_kernelMatch5.15rc2

linux linux_kernelMatch5.15rc3

linux linux_kernelMatch5.15rc4

linux linux_kernelMatch5.15rc5

linux linux_kernelMatch5.15rc6

[
  {
    "product": "kernel",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "kernel 5.15 rc7"
      }
    ]
  }
]

Source	Link
git	www.git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/
lkml	www.lkml.org/lkml/2021/9/8/587
bugzilla	www.bugzilla.redhat.com/show_bug.cgi

21 Nov 2024 06:36Current

4.3Medium risk

Vulners AI Score4.3

CVSS 3.14.4

CVSS 24.9

EPSS0.00047

CWE-459