Alerts This Week
Warning Icon 1 681
Alerts This Week
Warning Icon 1 681

Mageia 8: MGASA-2021-0410 Critical: Kernel L1 Guests AVIC Exploit

mageia
Calendar Grey August 23, 2021
Dist Mageia Esm H88
Core-linux enhancement for OpenMandriva addresses major vulnerabilities, improving overall protection against system failures and information breaches.
This kernel-linus update is based on upstream 5.10.60 and fixes atleast the following security issues: A missing validation of the "int_ctl" VMCB field allows a malicious L1 guest...

Summary

This kernel-linus update is based on upstream 5.10.60 and fixes atleast the following security issues:
A missing validation of the "int_ctl" VMCB field allows a malicious L1 guest to enable AVIC support (Advanced Virtual Interrupt Controller) for the L2 guest. The L2 guest is able to write to a limited but still relatively large subset of the host physical memory, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape (CVE-2021-3653).
A missing validation of the the "virt_ext" VMCB field and allows a malicious L1 guest to disable both VMLOAD/VMSAVE intercepts and VLS (Virtual VMLOAD/VMSAVE) for the L2 guest. Under these circumstances, the L2 guest is able to run VMLOAD/VMSAVE unintercepted, and thus read/write portions of the host physical memory, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape (CVE-2021-3656).
drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13...

Read the Full Advisory

References

- https://bugs.mageia.org/show_bug.cgi?id=29385

- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.57

- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.58

- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.59

- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.60

- https://www.cve.org/CVERecord?id=CVE-2021-3653

- https://www.cve.org/CVERecord?id=CVE-2021-3656

- https://www.cve.org/CVERecord?id=CVE-2021-38205

Topics%20covered

Topics Covered

security advisory kernel update critical system integrity Mageia guest escape AVIC

Resolution

SRPMS

- 8/core/kernel-linus-5.10.60-1.mga8

Severity
critical
Lowest
Low
Medium
High
Critical

Publication date: 23 Aug 2021
URL: https://advisories.mageia.org/MGASA-2021-0410.html
Type: security
CVE: CVE-2021-3653, CVE-2021-3656, CVE-2021-38205

Topics%20covered

Topics Covered

security advisory kernel update critical system integrity Mageia guest escape AVIC

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here