QID 198487
Date Published: 2021-09-15
QID 198487: Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5071-1)
The kvm hypervisor implementation for amd processors in the linux kernel allowed a guest vm to disable restrictions on vmload/vmsave in a nested guest.
The kvm hypervisor implementation for amd processors in the linux kernel did not properly prevent a guest vm from enabling avic in nested guest vms.
The kvm hypervisor implementation for amd processors in the linux kernel did not ensure enough processing time was given to perform cleanups of large sev vms.
The kvm hypervisor implementation in the linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability.
The joystick device interface in the linux kernel did not properly validate data passed via an ioctl().
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
an attacker in a guest vm could use this to read or write portions of the host's physical memory. (
Cve-2021-3656).
An attacker in a guest vm could use this to write to portions of the host's physical memory. (
Cve-2021-3653).
A local attacker could use this to cause a denial of service (soft lockup) (cve-2020-36311).
An attacker who could start and control a vm could possibly use this to expose sensitive information or execute arbitrary code. (
Cve-2021-22543).
A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code on systems with a joystick device registered. (
Cve-2021-3612).
- USN-5071-1 -
ubuntu.com/security/notices/USN-5071-1
CVEs related to QID 198487
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| USN-5071-1 | Ubuntu Linux |
ubuntu.com/security/notices/USN-5071-1 |