Lucene search

K
osvGoogleOSV:USN-5072-1
HistorySep 08, 2021 - 11:48 p.m.

linux-azure-5.8, linux-oem-5.10 vulnerabilities

2021-09-0823:48:20
Google
osv.dev
11
linux
kvm hypervisor
amd processors
cve-2021-3656
cve-2021-3653
memory vulnerability

AI Score

8.3

Confidence

High

EPSS

0.001

Percentile

35.2%

Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor
implementation for AMD processors in the Linux kernel allowed a guest VM to
disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a
guest VM could use this to read or write portions of the host’s physical
memory. (CVE-2021-3656)

Maxim Levitsky discovered that the KVM hypervisor implementation for AMD
processors in the Linux kernel did not properly prevent a guest VM from
enabling AVIC in nested guest VMs. An attacker in a guest VM could use this
to write to portions of the host’s physical memory. (CVE-2021-3653)