The vulnerability of the KVM virtualization subsystem in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the KVM virtualization subsystem in the Linux operating system is related to pointer arithmetic errors. Exploiting this vulnerability can allow an attacker to trigger a service failure...

CVE-2021-4095

A NULL pointer dereference was found in the Linux kernel's KVM when dirty ring logging is enabled without an active vCPU context. An unprivileged local attacker on the host may use this flaw to cause a kernel oops condition and thus a denial of service by issuing a KVMXENHVMSETATTR ioctl. This fl...

The vulnerability of the KVM kernel virtualization subsystem in Linux operating systems, related to deficiencies in access control, allows attackers to escalate their privileges.

The vulnerability of the KVM kernel virtualization subsystem in the Linux operating system is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges and read/write physical pages on the host...

CLSA-2022-1643637294 Fix CVE(s): CVE-2021-38198

CVE-2021-38198 - ELSCVE-686: KVM: MMU: return page fault error code from permissionfault - ELSCVE-686: kvm: x86: MMU support for EPT accessed/dirty bits - ELSCVE-686: KVM: nVMX: fix EPT permissions as reported in exit qualification - ELSCVE-686: KVM: X86: MMU: Use the correct inherited permission...

CVE-2021-4032

A vulnerability was found in the Linux kernel's KVM subsystem in arch/x86/kvm/lapic.c kvmfreelapic when a failure allocation was detected. In this flaw the KVM subsystem may crash the kernel due to mishandling of memory errors that happens during VCPU construction, which allows an attacker with...

UBUNTU-CVE-2021-4032

A vulnerability was found in the Linux kernel's KVM subsystem in arch/x86/kvm/lapic.c kvmfreelapic when a failure allocation was detected. In this flaw the KVM subsystem may crash the kernel due to mishandling of memory errors that happens during VCPU construction, which allows an attacker with...

USN-5208-1 linux, linux-aws, linux-aws-5.11, linux-azure, linux-azure-5.11, linux-gcp, linux-gcp-5.11, linux-hwe-5.11, linux-kvm, linux-oracle, linux-oracle-5.11, linux-raspi vulnerabilities

Nadav Amit discovered that the hugetlb implementation in the Linux kernel did not perform TLB flushes under certain conditions. A local attacker could use this to leak or alter data from other processes that use huge pages. CVE-2021-4002 It was discovered that a race condition existed in the...

kernel: SVM nested virtualization issue in KVM (AVIC support)

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided by the L1 guest to spawn/handle a nested guest L2. Due to improper validation of the "intctl" field, this issue could allow a malicious ...

PT-2021-23017 · Kvm +6 · Kvm +6

Name of the Vulnerable Software and Affected Versions: KVM affected versions not specified Description: A flaw was found in the KVM's AMD code for supporting the Secure Encrypted Virtualization-Encrypted State SEV-ES. A KVM guest using SEV-ES can trigger out-of-bounds reads and writes in the host...

kernel: SVM nested virtualization issue in KVM (AVIC support)

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided by the L1 guest to spawn/handle a nested guest L2. Due to improper validation of the "intctl" field, this issue could allow a malicious ...

kernel: SVM nested virtualization issue in KVM (AVIC support)

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided by the L1 guest to spawn/handle a nested guest L2. Due to improper validation of the "intctl" field, this issue could allow a malicious ...

kernel: SVM nested virtualization issue in KVM (VMLOAD/VMSAVE)

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided by the L1 guest to spawn/handle a nested guest L2. Due to improper validation of the "virtext" field, this issue could allow a malicious...

kernel: SVM nested virtualization issue in KVM (AVIC support)

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided by the L1 guest to spawn/handle a nested guest L2. Due to improper validation of the "intctl" field, this issue could allow a malicious ...

The vulnerability of the arch/x86/kvm/svm/nested.c component of the Linux operating system, related to the use of memory after it is freed, allows an attacker to increase their privileges.

The vulnerability of the arch/x86/kvm/svm/nested.c component of the Linux operating system is related to the use of memory after it has been freed. Exploiting this vulnerability can allow an attacker to increase their privileges...

DEBIAN-CVE-2021-3653

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided by the L1 guest to spawn/handle a nested guest L2. Due to improper validation of the "intctl" field, this issue could allow a malicious ...

USN-5082-1 linux-oem-5.13 vulnerabilities

Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory...

kernel: powerpc: KVM guest OS users can cause host OS memory corruption

A flaw was found on the Linux kernel. On the PowerPC platform, the KVM guest allows the OS users to cause host OS memory corruption via rtasargs.nargs. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

KVM 权限许可和访问控制问题漏洞

KVM is a kernel-based virtual machine. A privilege-granting and access-control issue vulnerability exists in KVM's AMD code, which stems from incorrect validation of "intctl" when processing VMCBs Virtual Machine Control Blocks supplied by L1 guests to spawn/process nested guests L2...

AZL-6579 CVE-2021-37576 affecting package kernel for versions less than 5.10.78.1-1

arch/powerpc/kvm/book3srtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtasargs.nargs, aka CID-f62f3c20647e...

kernel: userspace applications can misuse the KVM API to cause a write of 16 bytes at an offset up to 32 GB from vcpu->run

A flaw was found in the Linux kernel. The value of internal.ndata, in the KVM API, is mapped to an array index, which can be updated by a user process at anytime which could lead to an out-of-bounds write. The highest threat from this vulnerability is to data integrity and system availability...