2 matches found
UVI-2021-1000022 KVM: VMX: Don't use vcpu->run->internal.ndata as an array index
KVM: VMX: Don't use vcpu-run-internal.ndata as an array index This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.32 by commit...
DEBIAN-CVE-2021-3501
A flaw was found in the Linux kernel in versions before 5.12. The value of internal.ndata, in the KVM API, is mapped to an array index, which can be updated by a user process at anytime which could lead to an out-of-bounds write. The highest threat from this vulnerability is to data integrity and...