CVE-2021-4093 — Out-of-bounds Read in Kernel

CWE-125 — Out-of-bounds Read CWE-787 — Out-of-bounds Write8 documents8 sources

Severity

8.8HIGHNVD

EPSS

0.1%

top 74.53%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Kernel Canonical Ubuntu Linux Fedoraproject Fedora +1 more

Timeline

PublishedFeb 18

Latest updateFeb 19

Description

A flaw was found in the KVM's AMD code for supporting the Secure Encrypted Virtualization-Encrypted State (SEV-ES). A KVM guest using SEV-ES can trigger out-of-bounds reads and writes in the host kernel via a malicious VMGEXIT for a string I/O instruction (for example, outs or ins) using the exit reason SVM_EXIT_IOIO. This issue results in a crash of the entire system or a potential guest-to-host escape scenario.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:HExploitability: 2.0 | Impact: 6.0

Affected Packages3 packages

▶NVDlinux/linux_kernel5.11 — 5.14.16

▶Debianlinux/linux_kernel< 5.14.16-1+2

▶CVEListV5linux/linux_kernelkernel 5.15

Also affects: Fedora 35, Ubuntu Linux 20.04, 21.10, Enterprise Linux 8.0

Patches

Patch: bugs.chromium.org ↗Patch: bugzilla.redhat.com ↗Patch: bugs.chromium.org ↗

🔴Vulnerability Details

GHSA

GHSA-2vg6-vx3w-m2r4: A flaw was found in the KVM's AMD code for supporting the Secure Encrypted Virtualization-Encrypted State (SEV-ES)↗2022-02-19

▶

CVEList

CVE-2021-4093: A flaw was found in the KVM's AMD code for supporting the Secure Encrypted Virtualization-Encrypted State (SEV-ES)↗2022-02-18

▶

OSV

CVE-2021-4093: A flaw was found in the KVM's AMD code for supporting the Secure Encrypted Virtualization-Encrypted State (SEV-ES)↗2022-02-18

▶

📋Vendor Advisories

Microsoft

▶

Ubuntu

Linux kernel vulnerabilities↗2022-02-03

▶

Red Hat

kernel: KVM: SVM: out-of-bounds read/write in sev_es_string_io↗2021-11-22

▶

Debian

CVE-2021-4093: linux - A flaw was found in the KVM's AMD code for supporting the Secure Encrypted Virtu...↗2021

▶