CVE-2021-37576

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e.

References

https://lore.kernel.org/linuxppc-dev/[email protected]/T/#u

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f62f3c20647ebd5fb6ecb8f0b477b9281c44c10a

http://www.openwall.com/lists/oss-security/2021/07/27/2

https://lists.fedoraproject.org/archives/list/[email protected]/message/Z2YZ2DNURMYYVDT2NYAFDESJC35KCUDS/

https://lists.fedoraproject.org/archives/list/[email protected]/message/WDFA7DSQIPM7XPNXJBXFWXHJFVUBCAG6/

https://security.netapp.com/advisory/ntap-20210917-0005/

https://www.debian.org/security/2021/dsa-4978

Details

Source: MITRE

Published: 2021-07-26

Updated: 2021-10-18

Type: CWE-787

Risk Information

CVSS v2

Base Score: 7.2

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 3.9

Severity: HIGH

CVSS v3

Base Score: 7.8

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 1.8

Severity: HIGH

Tenable Plugins

View all (46 total)

IDNameProductFamilySeverity
155930SUSE SLES15 Security Update : kernel (SUSE-SU-2021:3969-1)NessusSuSE Local Security Checks
high
155910SUSE SLES12 Security Update : kernel (SUSE-SU-2021:3929-1)NessusSuSE Local Security Checks
high
155902SUSE SLES12 Security Update : kernel (SUSE-SU-2021:3935-1)NessusSuSE Local Security Checks
high
155840SUSE SLES15 Security Update : kernel (SUSE-SU-2021:3876-1)NessusSuSE Local Security Checks
high
155824openSUSE 15 Security Update : kernel (openSUSE-SU-2021:3876-1)NessusSuSE Local Security Checks
high
155547CentOS 7 : kernel (CESA-2021:3801)NessusCentOS Local Security Checks
high
154668RHEL 7 : kernel (RHSA-2021:3987)NessusRed Hat Local Security Checks
high
154666RHEL 7 : kpatch-patch (RHSA-2021:4000)NessusRed Hat Local Security Checks
high
154132Scientific Linux Security Update : kernel on SL7.x x86_64 (2021:3801)NessusScientific Linux Local Security Checks
high
154097Oracle Linux 7 : kernel (ELSA-2021-3801)NessusOracle Linux Local Security Checks
high
154072RHEL 7 : kpatch-patch (RHSA-2021:3768)NessusRed Hat Local Security Checks
high
154070RHEL 7 : kpatch-patch (RHSA-2021:3814)NessusRed Hat Local Security Checks
high
154048RHEL 7 : kernel (RHSA-2021:3812)NessusRed Hat Local Security Checks
high
154046RHEL 7 : kernel (RHSA-2021:3801)NessusRed Hat Local Security Checks
high
154018RHEL 7 : kernel (RHSA-2021:3766)NessusRed Hat Local Security Checks
high
153873RHEL 7 : kernel (RHSA-2021:3725)NessusRed Hat Local Security Checks
high
153860Amazon Linux AMI : kernel (ALAS-2021-1539)NessusAmazon Linux Local Security Checks
high
153799Ubuntu 20.04 LTS / 21.04 : Linux kernel vulnerabilities (USN-5092-2)NessusUbuntu Local Security Checks
high
153797Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-5094-1)NessusUbuntu Local Security Checks
high
153770Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-5092-1)NessusUbuntu Local Security Checks
high
153769Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-5091-1)NessusUbuntu Local Security Checks
high
153668Debian DSA-4978-1 : linux - security updateNessusDebian Local Security Checks
high
153610EulerOS 2.0 SP8 : kernel (EulerOS-SA-2021-2465)NessusHuawei Local Security Checks
high
153155CentOS 8 : kernel (CESA-2021:3447)NessusCentOS Local Security Checks
high
153109Oracle Linux 8 : kernel (ELSA-2021-3447)NessusOracle Linux Local Security Checks
high
153104RHEL 8 : kernel (RHSA-2021:3447)NessusRed Hat Local Security Checks
high
153103RHEL 8 : kernel (RHSA-2021:3444)NessusRed Hat Local Security Checks
high
153101RHEL 8 : kpatch-patch (RHSA-2021:3443)NessusRed Hat Local Security Checks
high
153100RHEL 8 : kernel (RHSA-2021:3446)NessusRed Hat Local Security Checks
high
153096RHEL 8 : kpatch-patch (RHSA-2021:3442)NessusRed Hat Local Security Checks
high
153035Photon OS 4.0: Linux PHSA-2021-4.0-0095NessusPhotonOS Local Security Checks
high
152843SUSE SLES12 Security Update : kernel (Live Patch 34 for SLE 12 SP3) (SUSE-SU-2021:2842-1)NessusSuSE Local Security Checks
high
152842SUSE SLES12 Security Update : kernel (Live Patch 40 for SLE 12 SP3) (SUSE-SU-2021:2846-1)NessusSuSE Local Security Checks
high
152652SUSE SLES12 / SLES15 Security Update : kernel (Live Patch 16 for SLE 15 SP2) (SUSE-SU-2021:2746-1)NessusSuSE Local Security Checks
high
152648SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2021:2756-1)NessusSuSE Local Security Checks
high
152643SUSE SLES12 / SLES15 Security Update : kernel (Live Patch 17 for SLE 15 SP2) (SUSE-SU-2021:2695-1)NessusSuSE Local Security Checks
high
152569openSUSE 15 Security Update : kernel (openSUSE-SU-2021:2687-1)NessusSuSE Local Security Checks
high
152566SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2021:2687-1)NessusSuSE Local Security Checks
high
152545SUSE SLES15 Security Update : kernel (SUSE-SU-2021:2678-1)NessusSuSE Local Security Checks
high
152481SUSE SLES12 Security Update : kernel (SUSE-SU-2021:2643-1)NessusSuSE Local Security Checks
high
152480SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2021:2647-1)NessusSuSE Local Security Checks
high
152479SUSE SLES15 Security Update : kernel (SUSE-SU-2021:2646-1)NessusSuSE Local Security Checks
high
152478SUSE SLES15 Security Update : kernel (SUSE-SU-2021:2645-1)NessusSuSE Local Security Checks
high
152475SUSE SLES12 Security Update : kernel (SUSE-SU-2021:2644-1)NessusSuSE Local Security Checks
high
152467openSUSE 15 Security Update : kernel (openSUSE-SU-2021:1142-1)NessusSuSE Local Security Checks
high
152459openSUSE 15 Security Update : kernel (openSUSE-SU-2021:2645-1)NessusSuSE Local Security Checks
high