CVE-2021-3656

Advisory lineage Upstream: 0 Downstream: 43

Downstream

DEBIAN-CVE-2021-3656 DLA-2785-1 DSA-4978-1 LSN-0081-1 MGASA-2021-0409 MGASA-2021-0410

Modified

Published: 04 Mar 2022, 18:41

Last modified:03 Aug 2024, 17:01

Vulnerability Summary

Overall Risk (default)

medium

35/100

CVSS Score

8.8 HIGH

v3.1 (nvd)

EPSS Score

0.07% LOW

0% probability 0.00%

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

04 Mar 2022, 18:41

Published

Vulnerability first disclosed

03 Aug 2024, 17:01

Last Modified

Vulnerability information updated

Description

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "virt_ext" field, this issue could allow a malicious L1 to disable both VMLOAD/VMSAVE intercepts and VLS (Virtual VMLOAD/VMSAVE) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape.

CVSS Metrics

v3.1•HIGH•Score: 8.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
v2.0•HIGH•Score: 7.2AV:L/AC:L/Au:N/C:C/I:C/A:C

EPSS Trends

Current EPSS score: 0.07%• Percentile: 21%

Techniques & Countermeasures

CWE-862•Missing Authorization
The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

Affected Systems

fedoraproject•fedora
33 | 34
linux•linux_kernel
≥ 4.13, < 4.14.245 | ≥ 4.15, < 4.19.205 | ≥ 4.20, < 5.4.142 | ≥ 5.5, < 5.10.60 | ≥ 5.11, < 5.13.12 | 5.14 | 5.14:rc1 | 5.14:rc2 | 5.14:rc3 | 5.14:rc4 | 5.14:rc5 | 5.14:rc6
redhat•3scale_api_management
2.0
redhat•codeready_linux_builder
na
redhat•enterprise_linux
8.0
redhat•enterprise_linux_desktop
7.0
redhat•enterprise_linux_eus
8.1 | 8.2 | 8.4
redhat•enterprise_linux_for_ibm_z_systems
7.0 | 8.0
redhat•enterprise_linux_for_ibm_z_systems_eus
8.1 | 8.2 | 8.4
redhat•enterprise_linux_for_power_big_endian
7.0
redhat•enterprise_linux_for_power_little_endian
7.0 | 8.0
redhat•enterprise_linux_for_power_little_endian_eus
8.1 | 8.2 | 8.4
redhat•enterprise_linux_for_real_time
7 | 8
redhat•enterprise_linux_for_real_time_for_nfv
7 | 8
redhat•enterprise_linux_for_real_time_for_nfv_tus
8.2 | 8.4
redhat•enterprise_linux_for_real_time_tus
8.2 | 8.4
redhat•enterprise_linux_for_scientific_computing
7.0
redhat•enterprise_linux_server
7.0
redhat•enterprise_linux_server_aus
7.6 | 7.7 | 8.2 | 8.4
redhat•enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions
7.6 | 8.1 | 8.2 | 8.4
redhat•enterprise_linux_server_tus
7.6 | 7.7 | 8.2 | 8.4
redhat•enterprise_linux_server_update_services_for_sap_solutions
7.6 | 7.7 | 8.1 | 8.2 | 8.4
redhat•enterprise_linux_workstation
7.0
redhat•openstack
13
redhat•software_collections
na
redhat•virtualization_host
4.0