SB2021092318 - SUSE update for the Linux Kernel (Live Patch 40 for SLE 12 SP3) 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2021092318

SB2021092318 - SUSE update for the Linux Kernel (Live Patch 40 for SLE 12 SP3)

Published: September 23, 2021

Security Bulletin ID SB2021092318
Severity
Low
Patch available
YES
Number of vulnerabilities 2
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 2 secuirty vulnerabilities.


1) Security restrictions bypass (CVE-ID: CVE-2021-3653)

The vulnerability allows a malicious guest to escalate privileges on the system.

The vulnerability exists due to improperly imposed security restrictions within the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "int_ctl" field, this issue could allow a malicious L1 to enable AVIC support (Advanced Virtual Interrupt Controller) for the L2 guest.

As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape.


2) Incorrect permission assignment for critical resource (CVE-ID: CVE-2021-38198)

The vulnerability allows a local user to perform a denial of service attack.

The vulnerability exists due to arch/x86/kvm/mmu/paging_tmpl.h incorrectly computes the access permissions of a shadow page. A local user can trigger an error to perform a denial of service attack.

Remediation

Install update from vendor's website.

References