CVE-2021-22543

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation.

References

https://github.com/google/security-research/security/advisories/GHSA-7wq5-phmq-m584

http://www.openwall.com/lists/oss-security/2021/06/26/1

https://lists.fedoraproject.org/archives/list/[email protected]/message/ROQIXQB7ZAWI3KSGSHR6H5RDUWZI775S/

https://lists.fedoraproject.org/archives/list/[email protected]/message/4G5YBUVEPHZYXMKNGBZ3S6INFCTEEL4E/

https://security.netapp.com/advisory/ntap-20210708-0002/

https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html

Details

Source: MITRE

Published: 2021-05-26

Updated: 2021-11-12

Type: CWE-119

Risk Information

CVSS v2

Base Score: 4.6

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 3.9

Severity: MEDIUM

CVSS v3

Base Score: 7.8

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 1.8

Severity: HIGH

Tenable Plugins

View all (52 total)

IDNameProductFamilySeverity
155547CentOS 7 : kernel (CESA-2021:3801)NessusCentOS Local Security Checks
high
154668RHEL 7 : kernel (RHSA-2021:3987)NessusRed Hat Local Security Checks
high
154666RHEL 7 : kpatch-patch (RHSA-2021:4000)NessusRed Hat Local Security Checks
high
154338Ubuntu 20.04 LTS : Linux kernel (Azure) vulnerabilities (USN-5120-1)NessusUbuntu Local Security Checks
high
154335RHEL 7 : RHV-H security update (redhat-virtualization-host) 4.3.19 (Moderate) (RHSA-2021:3943)NessusRed Hat Local Security Checks
high
154132Scientific Linux Security Update : kernel on SL7.x x86_64 (2021:3801)NessusScientific Linux Local Security Checks
high
154097Oracle Linux 7 : kernel (ELSA-2021-3801)NessusOracle Linux Local Security Checks
high
154086RHEL 7 : kernel (RHSA-2021:3767)NessusRed Hat Local Security Checks
high
154072RHEL 7 : kpatch-patch (RHSA-2021:3768)NessusRed Hat Local Security Checks
high
154070RHEL 7 : kpatch-patch (RHSA-2021:3814)NessusRed Hat Local Security Checks
high
154048RHEL 7 : kernel (RHSA-2021:3812)NessusRed Hat Local Security Checks
high
154047RHEL 7 : kernel-rt (RHSA-2021:3802)NessusRed Hat Local Security Checks
high
154046RHEL 7 : kernel (RHSA-2021:3801)NessusRed Hat Local Security Checks
high
154018RHEL 7 : kernel (RHSA-2021:3766)NessusRed Hat Local Security Checks
high
153908Ubuntu 20.04 LTS : Linux kernel (OEM) vulnerabilities (USN-5106-1)NessusUbuntu Local Security Checks
high
153873RHEL 7 : kernel (RHSA-2021:3725)NessusRed Hat Local Security Checks
high
153860Amazon Linux AMI : kernel (ALAS-2021-1539)NessusAmazon Linux Local Security Checks
high
153802Ubuntu 18.04 LTS : Linux kernel (Raspberry Pi) vulnerabilities (USN-5094-2)NessusUbuntu Local Security Checks
medium
153797Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-5094-1)NessusUbuntu Local Security Checks
high
153786Amazon Linux 2 : kernel (ALAS-2021-1699)NessusAmazon Linux Local Security Checks
high
153526Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel (Raspberry Pi) vulnerabilities (USN-5071-3)NessusUbuntu Local Security Checks
high
153499Photon OS 3.0: Linux PHSA-2021-3.0-0302NessusPhotonOS Local Security Checks
medium
153445Ubuntu 18.04 LTS : Linux kernel (HWE) vulnerabilities (USN-5071-2)NessusUbuntu Local Security Checks
high
153443Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2021-9451)NessusOracle Linux Local Security Checks
medium
153442Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2021-9450)NessusOracle Linux Local Security Checks
medium
153178Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-5071-1)NessusUbuntu Local Security Checks
high
153174Ubuntu 20.04 LTS / 21.04 : Linux kernel vulnerabilities (USN-5070-1)NessusUbuntu Local Security Checks
high
153042Photon OS 2.0: Linux PHSA-2021-2.0-0387NessusPhotonOS Local Security Checks
high
152940RHEL 8 : kpatch-patch (RHSA-2021:3380)NessusRed Hat Local Security Checks
high
152931RHEL 8 : kernel-rt (RHSA-2021:3375)NessusRed Hat Local Security Checks
high
152925RHEL 8 : kernel (RHSA-2021:3363)NessusRed Hat Local Security Checks
high
152688RHEL 8 : Red Hat Virtualization Host security and bug fix update [ovirt-4.4.7] (Important) (RHSA-2021:3235)NessusRed Hat Local Security Checks
high
152652SUSE SLES12 / SLES15 Security Update : kernel (Live Patch 16 for SLE 15 SP2) (SUSE-SU-2021:2746-1)NessusSuSE Local Security Checks
high
152648SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2021:2756-1)NessusSuSE Local Security Checks
high
152643SUSE SLES12 / SLES15 Security Update : kernel (Live Patch 17 for SLE 15 SP2) (SUSE-SU-2021:2695-1)NessusSuSE Local Security Checks
high
152619RHEL 8 : kpatch-patch (RHSA-2021:3181)NessusRed Hat Local Security Checks
high
152613RHEL 8 : kernel (RHSA-2021:3173)NessusRed Hat Local Security Checks
high
152596CentOS 8 : kernel (CESA-2021:3057)NessusCentOS Local Security Checks
high
152569openSUSE 15 Security Update : kernel (openSUSE-SU-2021:2687-1)NessusSuSE Local Security Checks
high
152566SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2021:2687-1)NessusSuSE Local Security Checks
high
152545SUSE SLES15 Security Update : kernel (SUSE-SU-2021:2678-1)NessusSuSE Local Security Checks
high
152493Oracle Linux 8 : kernel (ELSA-2021-3057)NessusOracle Linux Local Security Checks
high
152481SUSE SLES12 Security Update : kernel (SUSE-SU-2021:2643-1)NessusSuSE Local Security Checks
high
152480SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2021:2647-1)NessusSuSE Local Security Checks
high
152479SUSE SLES15 Security Update : kernel (SUSE-SU-2021:2646-1)NessusSuSE Local Security Checks
high
152478SUSE SLES15 Security Update : kernel (SUSE-SU-2021:2645-1)NessusSuSE Local Security Checks
high
152475SUSE SLES12 Security Update : kernel (SUSE-SU-2021:2644-1)NessusSuSE Local Security Checks
high
152467openSUSE 15 Security Update : kernel (openSUSE-SU-2021:1142-1)NessusSuSE Local Security Checks
high
152459openSUSE 15 Security Update : kernel (openSUSE-SU-2021:2645-1)NessusSuSE Local Security Checks
high
152444RHEL 8 : kpatch-patch (RHSA-2021:3044)NessusRed Hat Local Security Checks
high
152441RHEL 8 : kernel-rt (RHSA-2021:3088)NessusRed Hat Local Security Checks
high
152438RHEL 8 : kernel (RHSA-2021:3057)NessusRed Hat Local Security Checks
high