CVE-2021-29657

A flaw was found in the Linux kernel. A KVM guest on AMD can launch a nested guest without the Intercept VMRUN control bit by exploiting a TOCTOU vulnerability in nestedsvmvmrun. A malicious guest could use this flaw to gain unrestricted access to host MSRs, possibly leading to guest-to-host esca...

CVE-2021-3653

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided by the L1 guest to spawn/handle a nested guest L2. Due to improper validation of the "intctl" field, this issue could allow a malicious ...

CVE-2021-3656

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided by the L1 guest to spawn/handle a nested guest L2. Due to improper validation of the "virtext" field, this issue could allow a malicious...

CVE-2021-3653

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided by the L1 guest to spawn/handle a nested guest L2. Due to improper validation of the "intctl" field, this issue could allow a malicious ...

CVE-2021-3656

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided by the L1 guest to spawn/handle a nested guest L2. Due to improper validation of the "virtext" field, this issue could allow a malicious...

UBUNTU-CVE-2021-3653

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided by the L1 guest to spawn/handle a nested guest L2. Due to improper validation of the "intctl" field, this issue could allow a malicious ...

UBUNTU-CVE-2021-3656

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided by the L1 guest to spawn/handle a nested guest L2. Due to improper validation of the "virtext" field, this issue could allow a malicious...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2021-9420)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9420 advisory. - KVM: nSVM: always intercept VMLOAD/VMSAVE when nested Maxim Levitsky Orabug: 33205365 CVE-2021-3656 CVE-2021-3656 Tenable has extracted the...

Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2021-9419)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9419 advisory. - KVM: nSVM: always intercept VMLOAD/VMSAVE when nested Maxim Levitsky Orabug: 33205367 CVE-2021-3656 CVE-2021-3656 Tenable has extracted the preceding...

KVM 安全漏洞

KVM is a kernel-based virtual machine. A security vulnerability exists in the AMD code for KVM, which stems from incorrect validation of "virtext" when processing VMCBs Virtual Machine Control Blocks provided by L1 guests to generate/process nested guests L2...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2021-9421)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9421 advisory. - KVM: nSVM: always intercept VMLOAD/VMSAVE when nested Maxim Levitsky Orabug: 33205365 CVE-2021-3656 Tenable has extracted the preceding descripti...

Oracle Linux 7 : Unbreakable Enterprise kernel-container (ELSA-2021-9422)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2021-9422 advisory. - KVM: nSVM: always intercept VMLOAD/VMSAVE when nested Maxim Levitsky Orabug: 33205367 CVE-2021-3656 Tenable has extracted the preceding description...

Information Disclosure

jenkins is vulnerable to information disclosure. An insecure permissions check in allows attackers with Item/Read permission to retrieve nested items...

CVE-2021-37679

TensorFlow is an end-to-end open source platform for machine learning. In affected versions it is possible to nest a tf.mapfn within another tf.mapfn call. However, if the input tensor is a RaggedTensor and there is no function signature provided, code assumes the output is a fully specified tens...

PYSEC-2021-301

TensorFlow is an end-to-end open source platform for machine learning. In affected versions it is possible to nest a tf.mapfn within another tf.mapfn call. However, if the input tensor is a RaggedTensor and there is no function signature provided, code assumes the output is a fully specified tens...

CVE-2021-37679

TensorFlow is an end-to-end open source platform for machine learning. In affected versions it is possible to nest a tf.mapfn within another tf.mapfn call. However, if the input tensor is a RaggedTensor and there is no function signature provided, code assumes the output is a fully specified tens...

PYSEC-2021-301

TensorFlow is an end-to-end open source platform for machine learning. In affected versions it is possible to nest a tf.mapfn within another tf.mapfn call. However, if the input tensor is a RaggedTensor and there is no function signature provided, code assumes the output is a fully specified tens...

CVE-2021-37679 Heap OOB in nested `tf.map_fn` with `RaggedTensor`s in TensorFlow

TensorFlow is an end-to-end open source platform for machine learning. In affected versions it is possible to nest a tf.mapfn within another tf.mapfn call. However, if the input tensor is a RaggedTensor and there is no function signature provided, code assumes the output is a fully specified tens...

arch/x86/kvm/svm/nested.c in the Linux kernel before 5.11.12 has a use-after-free in which an AMD KVM guest can bypass access control on host OS MSRs when there are nested guests aka CID-a58d9166a756. This occurs because of a TOCTOU race condition associated with a VMCB12 double fetch in nested_svm_vmrun.

...

PT-2021-21756 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.6.0 TensorFlow versions 2.5.1 and earlier TensorFlow versions 2.4.3 and earlier TensorFlow versions 2.3.4 and earlier Description: In affected versions, if the arguments to tf.raw ops.RaggedGather don't determin...