CVE-2021-22543Improper Restriction of Operations within the Bounds of a Memory Buffer in Kernel

CWE-119Improper Restriction of Operations within the Bounds of a Memory BufferCWE-863Incorrect Authorization22 documents7 sources
Severity
8.7HIGHNVD
OSV7.8OSV6.5OSV5.5
EPSS
0.0%
top 97.12%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
6
Linux KernelLinux KernelDebian Linux+3 more
Timeline
PublishedMay 26
Latest updateFeb 14

Description

An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation.

CVSS vector

CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L

Affected Packages6 packages

debiandebian/linux< linux 5.10.46-2 (bookworm)
CVEListV5linux_kernel/linux_kerneladd6a0cd1c5ba51b201e1361b05a5df817083618f8be156be163a052a067306417cd0ff679068c97
Debianlinux/linux_kernel< 5.10.46-2+3
Ubuntulinux/linux_kernel< 4.15.0-159.167+1
NVDlinux/linux_kernel2021-05-18

Also affects: Debian Linux 9.0, Fedora 33, 34

🔴Vulnerability Details

10
OSV
linux-azure-5.8 vulnerabilities2021-10-21
OSV
linux-oem-5.10 vulnerabilities2021-10-06
OSV
linux-raspi2 vulnerabilities2021-09-30
OSV
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-dell300x, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, linux-snapdragon vulnerabilities2021-09-29
OSV
linux-raspi, linux-raspi-5.4 vulnerabilities2021-09-22

📋Vendor Advisories

11
Palo Alto
PAN-SA-2024-0001 Informational Bulletin: Impact of OSS CVEs in PAN-OS2024-02-14
Ubuntu
Linux kernel (Azure) vulnerabilities2021-10-21
Ubuntu
Linux kernel (OEM) vulnerabilities2021-10-06
Ubuntu
Linux kernel (Raspberry Pi) vulnerabilities2021-09-30
Ubuntu
Linux kernel vulnerabilities2021-09-29
CVE-2021-22543 — Linux Kernel vulnerability | cvebase