Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor
implementation for AMD processors in the Linux kernel allowed a guest VM to
disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a
guest VM could use this to read or write portions of the host’s physical
memory. (CVE-2021-3656)
Maxim Levitsky discovered that the KVM hypervisor implementation for AMD
processors in the Linux kernel did not properly prevent a guest VM from
enabling AVIC in nested guest VMs. An attacker in a guest VM could use this
to write to portions of the host’s physical memory. (CVE-2021-3653)
It was discovered that the KVM hypervisor implementation for AMD processors
in the Linux kernel did not ensure enough processing time was given to
perform cleanups of large SEV VMs. A local attacker could use this to cause
a denial of service (soft lockup). (CVE-2020-36311)
It was discovered that the KVM hypervisor implementation in the Linux
kernel did not properly perform reference counting in some situations,
leading to a use-after-free vulnerability. An attacker who could start and
control a VM could possibly use this to expose sensitive information or
execute arbitrary code. (CVE-2021-22543)
Murray McAllister discovered that the joystick device interface in the
Linux kernel did not properly validate data passed via an ioctl(). A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code on systems with a joystick device
registered. (CVE-2021-3612)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 20.04 | noarch | linux-image-5.4.0-1052-gke | <Â 5.4.0-1052.55 | UNKNOWN |
Ubuntu | 20.04 | noarch | linux-image-5.4.0-1052-gke-dbgsym | <Â 5.4.0-1052.55 | UNKNOWN |
Ubuntu | 20.04 | noarch | linux-image-5.4.0-84-generic-lpae | <Â 5.4.0-84.94 | UNKNOWN |
Ubuntu | 20.04 | noarch | block-modules-5.4.0-84-generic-di | <Â 5.4.0-84.94 | UNKNOWN |
Ubuntu | 20.04 | noarch | crypto-modules-5.4.0-84-generic-di | <Â 5.4.0-84.94 | UNKNOWN |
Ubuntu | 20.04 | noarch | fat-modules-5.4.0-84-generic-di | <Â 5.4.0-84.94 | UNKNOWN |
Ubuntu | 20.04 | noarch | fb-modules-5.4.0-84-generic-di | <Â 5.4.0-84.94 | UNKNOWN |
Ubuntu | 20.04 | noarch | firewire-core-modules-5.4.0-84-generic-di | <Â 5.4.0-84.94 | UNKNOWN |
Ubuntu | 20.04 | noarch | floppy-modules-5.4.0-84-generic-di | <Â 5.4.0-84.94 | UNKNOWN |
Ubuntu | 20.04 | noarch | fs-core-modules-5.4.0-84-generic-di | <Â 5.4.0-84.94 | UNKNOWN |