CVE-2021-22543

Опубликовано: 26 мая 2021

Источник: nvd

CVSS3: 7.8

CVSS2: 4.6

EPSS Низкий

Описание

An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation.

Ссылки

http://www.openwall.com/lists/oss-security/2021/06/26/1
Mailing List
https://github.com/google/security-research/security/advisories/GHSA-7wq5-phmq-m584
Exploit
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html
Mailing List
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html
Mailing List
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4G5YBUVEPHZYXMKNGBZ3S6INFCTEEL4E/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ROQIXQB7ZAWI3KSGSHR6H5RDUWZI775S/
https://security.netapp.com/advisory/ntap-20210708-0002/
Third Party Advisory
http://www.openwall.com/lists/oss-security/2021/06/26/1
Mailing List
https://github.com/google/security-research/security/advisories/GHSA-7wq5-phmq-m584
Exploit
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html
Mailing List
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html
Mailing List
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4G5YBUVEPHZYXMKNGBZ3S6INFCTEEL4E/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ROQIXQB7ZAWI3KSGSHR6H5RDUWZI775S/
https://security.netapp.com/advisory/ntap-20210708-0002/
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:linux:linux_kernel:2021-05-18:*:*:*:*:*:*:*

Конфигурация 2

Одно из

cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*

cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*

Конфигурация 3

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Конфигурация 4

Одновременно

cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*

Конфигурация 5

Одновременно

cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*

Конфигурация 6

Одновременно

cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*

Конфигурация 7

Одновременно

cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*

Конфигурация 8

Одновременно

cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*

Конфигурация 9

Одновременно

cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*

Конфигурация 10

Одновременно

cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*

Конфигурация 11

Одновременно

cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*

Конфигурация 12

Одно из

cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*

cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:*

EPSS

Процентиль: 0%

0.00006

Низкий

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-119

Связанные уязвимости

CVE-2021-22543

CVSS3: 7.8

ubuntu

около 4 лет назад

CVE-2021-22543

CVSS3: 7

redhat

около 4 лет назад

CVE-2021-22543

CVSS3: 7.8

debian

около 4 лет назад

An issue was discovered in Linux: KVM through Improper handling of VM_ ...

BDU:2021-04854

CVSS3: 7.8

fstec

около 4 лет назад

Уязвимость операционной системы Linux вызвана переполнением буфера, позволяющая нарушителю выполнить произвольную команду управления

SUSE-SU-2021:2695-1

suse-cvrf

почти 4 года назад

Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP2)

EPSS

Процентиль: 0%

0.00006

Низкий

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-119