CVE-2021-3653

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "int_ctl" field, this issue could allow a malicious L1 to enable AVIC support (Advanced Virtual Interrupt Controller) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape. This flaw affects Linux kernel versions prior to 5.14-rc7.

References

https://www.openwall.com/lists/oss-security/2021/08/16/1

https://bugzilla.redhat.com/show_bug.cgi?id=1983686

https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html

Details

Source: MITRE

Published: 2021-09-29

Updated: 2021-10-16

Type: CWE-862

Risk Information

CVSS v2

Base Score: 6.1

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:C

Impact Score: 8.5

Exploitability Score: 3.9

Severity: MEDIUM

CVSS v3

Base Score: 8.8

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Impact Score: 6

Exploitability Score: 2

Severity: HIGH

Tenable Plugins

View all (49 total)

IDNameProductFamilySeverity
155680Oracle Linux 8 : Unbreakable Enterprise kernel-container (ELSA-2021-9565)NessusOracle Linux Local Security Checks
high
155679Oracle Linux 8 : Unbreakable Enterprise kernel (ELSA-2021-9564)NessusOracle Linux Local Security Checks
high
155547CentOS 7 : kernel (CESA-2021:3801)NessusCentOS Local Security Checks
high
155385RHEL 7 : kernel (RHSA-2021:4692)NessusRed Hat Local Security Checks
high
155119EulerOS 2.0 SP9 : kernel (EulerOS-SA-2021-2713)NessusHuawei Local Security Checks
high
154668RHEL 7 : kernel (RHSA-2021:3987)NessusRed Hat Local Security Checks
high
154254RHEL 8 : kernel-rt (RHSA-2021:3909)NessusRed Hat Local Security Checks
high
154251RHEL 8 : kernel (RHSA-2021:3904)NessusRed Hat Local Security Checks
high
154133SUSE SLES15 Security Update : kernel (SUSE-SU-2021:3415-1)NessusSuSE Local Security Checks
high
154132Scientific Linux Security Update : kernel on SL7.x x86_64 (2021:3801)NessusScientific Linux Local Security Checks
high
154097Oracle Linux 7 : kernel (ELSA-2021-3801)NessusOracle Linux Local Security Checks
high
154086RHEL 7 : kernel (RHSA-2021:3767)NessusRed Hat Local Security Checks
high
154048RHEL 7 : kernel (RHSA-2021:3812)NessusRed Hat Local Security Checks
high
154047RHEL 7 : kernel-rt (RHSA-2021:3802)NessusRed Hat Local Security Checks
high
154046RHEL 7 : kernel (RHSA-2021:3801)NessusRed Hat Local Security Checks
high
153776RHEL 8 : kernel (RHSA-2021:3676)NessusRed Hat Local Security Checks
high
153668Debian DSA-4978-1 : linux - security updateNessusDebian Local Security Checks
high
153627SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2021:3207-1)NessusSuSE Local Security Checks
high
153625SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2021:3206-1)NessusSuSE Local Security Checks
high
153622SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2021:3205-1)NessusSuSE Local Security Checks
high
153620SUSE SLES12 Security Update : kernel (Live Patch 36 for SLE 12 SP3) (SUSE-SU-2021:3196-1)NessusSuSE Local Security Checks
medium
153616SUSE SLES12 Security Update : kernel (SUSE-SU-2021:3217-1)NessusSuSE Local Security Checks
high
153598openSUSE 15 Security Update : kernel (openSUSE-SU-2021:3205-1)NessusSuSE Local Security Checks
high
153581SUSE SLES12 Security Update : kernel (SUSE-SU-2021:3192-1)NessusSuSE Local Security Checks
high
153542SUSE SLES15 Security Update : kernel (SUSE-SU-2021:3179-1)NessusSuSE Local Security Checks
high
153541openSUSE 15 Security Update : kernel (openSUSE-SU-2021:3179-1)NessusSuSE Local Security Checks
high
153540SUSE SLES15 Security Update : kernel (SUSE-SU-2021:3178-1)NessusSuSE Local Security Checks
high
153535SUSE SLES15 Security Update : kernel (SUSE-SU-2021:3177-1)NessusSuSE Local Security Checks
high
153476Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel (GCP) vulnerabilities (USN-5073-2)NessusUbuntu Local Security Checks
high
153463SUSE SLES12 / SLES15 Security Update : kernel (Live Patch 0 for SLE 15 SP3) (SUSE-SU-2021:3073-1)NessusSuSE Local Security Checks
medium
153449Ubuntu 20.04 LTS : Linux kernel (OEM) vulnerabilities (USN-5082-1)NessusUbuntu Local Security Checks
high
153445Ubuntu 18.04 LTS : Linux kernel (HWE) vulnerabilities (USN-5071-2)NessusUbuntu Local Security Checks
high
153443Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2021-9451)NessusOracle Linux Local Security Checks
medium
153442Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2021-9450)NessusOracle Linux Local Security Checks
medium
153419Oracle Linux 8 : kernel (ELSA-2021-3548)NessusOracle Linux Local Security Checks
high
153418Amazon Linux 2 : kernel (ALAS-2021-1704)NessusAmazon Linux Local Security Checks
high
153414openSUSE 15 Security Update : kernel (openSUSE-SU-2021:1271-1)NessusSuSE Local Security Checks
high
153409CentOS 8 : kernel (CESA-2021:3548)NessusCentOS Local Security Checks
high
153405RHEL 8 : kernel (RHSA-2021:3548)NessusRed Hat Local Security Checks
high
153403RHEL 8 : kernel-rt (RHSA-2021:3547)NessusRed Hat Local Security Checks
high
153179Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-5072-1)NessusUbuntu Local Security Checks
high
153178Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-5071-1)NessusUbuntu Local Security Checks
high
153177Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-5073-1)NessusUbuntu Local Security Checks
high
153174Ubuntu 20.04 LTS / 21.04 : Linux kernel vulnerabilities (USN-5070-1)NessusUbuntu Local Security Checks
high
153134Ubuntu 16.04 LTS : Linux kernel vulnerability (USN-5062-1)NessusUbuntu Local Security Checks
high
152601Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2021-9419)NessusOracle Linux Local Security Checks
high
152598Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2021-9420)NessusOracle Linux Local Security Checks
high
152597Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2021-9421)NessusOracle Linux Local Security Checks
high
152578Oracle Linux 7 : Unbreakable Enterprise kernel-container (ELSA-2021-9422)NessusOracle Linux Local Security Checks
high