CVE-2021-3656

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided by the L1 guest to spawn/handle a nested guest L2. Due to improper validation of the "virtext" field, this issue could allow a malicious...

Input validation

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided by the L1 guest to spawn/handle a nested guest L2. Due to improper validation of the "virtext" field, this issue could allow a malicious...

CVE-2021-3656

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided by the L1 guest to spawn/handle a nested guest L2. Due to improper validation of the "virtext" field, this issue could allow a malicious...

CVE-2021-3656

CVE-2021-3656 describes a flaw in the KVM hypervisor for AMD processors where the L1 guest can provide a VMCB with an improperly validated virt_ext field, allowing the L1 to disable VMLOAD/VMSAVE intercepts and VLS for the L2 guest. This enables the L2 guest to read/write portions of the host’s p...

CVE-2021-3656

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided by the L1 guest to spawn/handle a nested guest L2. Due to improper validation of the "virtext" field, this issue could allow a malicious...

DRAKVUF Sandbox - Automated Hypervisor-Level Malware Analysis System

DRAKVUF Sandbox is an automated black-box malware analysis system with DRAKVUF engine under the hood, which does not require an agent on guest OS. This project provides you with a friendly web interface that allows you to upload suspicious files to be analyzed. Once the sandboxing job is finished...

GSD-2022-1000188 KVM: x86: Forcibly leave nested virt when SMM state is toggled

KVM: x86: Forcibly leave nested virt when SMM state is toggled This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.97 by commit...

AlmaLinux 8 : kernel (ALSA-2021:3548)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:3548 advisory. - A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided ...

Medium: kernel

Issue Overview: A flaw was found in the Linux kernel's implementation of wireless drivers using the Atheros chipsets. An attacker within wireless range could send crafted traffic leading to information disclosure. CVE-2020-3702 A flaw was found in the KVM's AMD code for supporting SVM nested...

Mageia: Security Advisory (MGASA-2020-0110)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2019-0097)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DLA-2843-1 : linux - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2843 advisory. - Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP socket with an attached dccpshctxccid object as a listene...

SUSE SLES11 Security Update : kernel (SUSE-SU-2021:14849-1)

The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:14849-1 advisory. The SUSE Linux Enterprise 11 SP4 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: -...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

kernel: SVM nested virtualization issue in KVM (AVIC support)

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided by the L1 guest to spawn/handle a nested guest L2. Due to improper validation of the "intctl" field, this issue could allow a malicious ...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2021-9564)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9564 advisory. - LTS tag: v5.4.142 Jack Vogel CVE-2021-3653 CVE-2021-3656 - KVM: nSVM: always intercept VMLOAD/VMSAVE when nested CVE-2021-3656 Maxim Levitsky -...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2021-9565)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9565 advisory. - LTS tag: v5.4.142 Jack Vogel CVE-2021-3653 CVE-2021-3656 - KVM: nSVM: always intercept VMLOAD/VMSAVE when nested CVE-2021-3656 Maxim Levitsky -...

RHEL 7 : kernel (RHSA-2021:4692)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:4692 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: use-after-free in...

kernel: SVM nested virtualization issue in KVM (AVIC support)

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided by the L1 guest to spawn/handle a nested guest L2. Due to improper validation of the "intctl" field, this issue could allow a malicious ...

CentOS 8 : kernel (CESA-2021:4056)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:4056 advisory. - kernel: use-after-free in drivers/infiniband/core/ucma.c ctx use-after-free CVE-2020-36385 - kernel: out-of-bounds write due to a heap buffer overflo...