Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2021-4032

Опубликовано: 21 янв. 2022
Источник: nvd
CVSS3: 4.4
CVSS2: 4.9
EPSS Низкий

Описание

A vulnerability was found in the Linux kernel's KVM subsystem in arch/x86/kvm/lapic.c kvm_free_lapic when a failure allocation was detected. In this flaw the KVM subsystem may crash the kernel due to mishandling of memory errors that happens during VCPU construction, which allows an attacker with special user privilege to cause a denial of service. This flaw affects kernel versions prior to 5.15 rc7.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия до 5.14 (включая)
cpe:2.3:o:linux:linux_kernel:5.15:-:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.15:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.15:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.15:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.15:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.15:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.15:rc6:*:*:*:*:*:*

EPSS

Процентиль: 14%
0.00047
Низкий

4.4 Medium

CVSS3

4.9 Medium

CVSS2

Дефекты

CWE-459
CWE-459

Связанные уязвимости

ubuntu логотип

CVE-2021-4032

CVSS3: 4.4
ubuntu
около 4 лет назад

A vulnerability was found in the Linux kernel's KVM subsystem in arch/x86/kvm/lapic.c kvm_free_lapic when a failure allocation was detected. In this flaw the KVM subsystem may crash the kernel due to mishandling of memory errors that happens during VCPU construction, which allows an attacker with special user privilege to cause a denial of service. This flaw affects kernel versions prior to 5.15 rc7.

redhat логотип

CVE-2021-4032

CVSS3: 4.4
redhat
больше 4 лет назад

A vulnerability was found in the Linux kernel's KVM subsystem in arch/x86/kvm/lapic.c kvm_free_lapic when a failure allocation was detected. In this flaw the KVM subsystem may crash the kernel due to mishandling of memory errors that happens during VCPU construction, which allows an attacker with special user privilege to cause a denial of service. This flaw affects kernel versions prior to 5.15 rc7.

msrc логотип

CVE-2021-4032

CVSS3: 4.4
msrc
около 4 лет назад

Описание отсутствует

debian логотип

CVE-2021-4032

CVSS3: 4.4
debian
около 4 лет назад

A vulnerability was found in the Linux kernel's KVM subsystem in arch/ ...

github логотип

GHSA-89wc-v8x9-wrv5

github
около 4 лет назад

A vulnerability was found in the Linux kernel's KVM subsystem in arch/x86/kvm/lapic.c kvm_free_lapic when a failure allocation was detected. In this flaw the KVM subsystem may crash the kernel due to mishandling of memory errors that happens during VCPU construction, which allows an attacker with special user privilege to cause a denial of service. This flaw affects kernel versions prior to 5.15 rc7.

EPSS

Процентиль: 14%
0.00047
Низкий

4.4 Medium

CVSS3

4.9 Medium

CVSS2

Дефекты

CWE-459
CWE-459