CVE-2021-37576 — Out-of-bounds Write in Kernel
Severity
7.8HIGHNVD
OSV8.7OSV4.7
EPSS
0.0%
top 96.96%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJul 26
Latest updateFeb 14
Description
arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e.
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9
Affected Packages7 packages
Also affects: Fedora 33, 34
Patches
🔴Vulnerability Details
8OSV▶
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-dell300x, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, linux-snapdragon vulnerabilities↗2021-09-29