Описание
Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP3)
This update for the Linux Kernel 4.4.180-94_130 fixes several issues.
The following security issues were fixed:
- CVE-2021-3653: Fixed missing validation of the KVM
int_ctlVMCB field that would have allowed a malicious L1 guest to enable AVIC support for the L2 guest (bsc#1189420). - CVE-2021-38198: Fixed KVM MMU to use the correct inherited permissions to get shadow page (bsc#1189278).
Список пакетов
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server for SAP Applications 12 SP3
Ссылки
- Link for SUSE-SU-2021:3196-1
- E-Mail link for SUSE-SU-2021:3196-1
- SUSE Security Ratings
- SUSE Bug 1189278
- SUSE Bug 1189420
- SUSE CVE CVE-2021-3653 page
- SUSE CVE CVE-2021-38198 page
Описание
A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "int_ctl" field, this issue could allow a malicious L1 to enable AVIC support (Advanced Virtual Interrupt Controller) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape. This flaw affects Linux kernel versions prior to 5.14-rc7.
Затронутые продукты
Ссылки
- CVE-2021-3653
- SUSE Bug 1189399
- SUSE Bug 1189420
- SUSE Bug 1196914
Описание
arch/x86/kvm/mmu/paging_tmpl.h in the Linux kernel before 5.12.11 incorrectly computes the access permissions of a shadow page, leading to a missing guest protection page fault.
Затронутые продукты
Ссылки
- CVE-2021-38198
- SUSE Bug 1189262
- SUSE Bug 1189278
- SUSE Bug 1196914