Debian: DSA-4978-1 Critical: Linux Kernel Security Issues
debian
September 25, 2021
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks
Summary
CVE-2020-3702
A flaw was found in the driver for Atheros IEEE 802.11n family of
chipsets (ath9k) allowing information disclosure.
CVE-2020-16119
Hadar Manor reported a use-after-free in the DCCP protocol
implementation in the Linux kernel. A local attacker can take
advantage of this flaw to cause a denial of service or potentially
to execute arbitrary code.
CVE-2021-3653
Maxim Levitsky discovered a vulnerability in the KVM hypervisor
implementation for AMD processors in the Linux kernel: Missing
validation of the `int_ctl` VMCB field could allow a malicious L1
guest to enable AVIC support (Advanced Virtual Interrupt Controller)
for the L2 guest. The L2 guest can take advantage of this flaw to
write to a limited but still relatively large subset of the host
physical memory.
CVE-2021-3656
Maxim Levitsky and Paolo Bonzini discovered a flaw in the KVM
hypervisor implementation for AMD processors in the Linux kernel.
Missing validation of the ...
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Package: linux
CVE ID: CVE-2020-3702 CVE-2020-16119 CVE-2021-3653 CVE-2021-3656
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!