Tuesday, September 21, 2021

Red Hat: CVE-2021-3653: Moderate: kernel-rt security and bug fix update (Multiple Advisories)

Description
A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "int_ctl" field, this issue could allow a malicious L1 to enable AVIC support (Advanced Virtual Interrupt Controller) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape.
Solution(s)
  • redhat-upgrade-kernel
  • redhat-upgrade-kernel-rt


  • References
  • CVE-2021-3653
  • RHSA-2021:3547
  • RHSA-2021:3548




  •  

    Copyright © 2021 Vulnerability Database | Cyber Details™

    thank you Templateism for the design - You should have written the code a little more complicated - Nothing Encrypted anymore