exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 35 RSS Feed

CVE-2021-22543

Status Candidate

Overview

An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation.

Related Files

Red Hat Security Advisory 2022-5640-01
Posted Jul 27, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5640-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a bypass vulnerability.

tags | advisory, kernel, bypass
systems | linux, redhat
advisories | CVE-2021-22543
SHA-256 | 41f0bf4d87364327ee216fb5bdd84d633452d7de093205af604aba42e1967a89
Red Hat Security Advisory 2021-4000-01
Posted Oct 26, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4000-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a bypass vulnerability.

tags | advisory, kernel, bypass
systems | linux, redhat
advisories | CVE-2021-22543, CVE-2021-37576
SHA-256 | 687e6d95703af3939c1fbae107846e79e2e06ca26cf7b539e366f8c2efeaba20
Red Hat Security Advisory 2021-3987-01
Posted Oct 26, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3987-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2019-20934, CVE-2020-36385, CVE-2021-22543, CVE-2021-3653, CVE-2021-3656, CVE-2021-37576
SHA-256 | 040e54ee516bb6e095dc679de0b614bf50bed500cad2c65a61b6b447e5285956
Ubuntu Security Notice USN-5120-1
Posted Oct 22, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5120-1 - It was discovered that the f2fs file system in the Linux kernel did not properly validate metadata in some situations. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service or possibly execute arbitrary code. It was discovered that the Linux kernel did not properly enforce certain types of entries in the Secure Boot Forbidden Signature Database protection mechanism. An attacker could use this to bypass UEFI Secure Boot restrictions. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2019-19449, CVE-2020-26541, CVE-2020-36311, CVE-2021-22543, CVE-2021-3612, CVE-2021-3759, CVE-2021-38199, CVE-2021-38207, CVE-2021-40490
SHA-256 | 0a4088e105c209023f79e6f139417f5c549e7100d2f58e29b718a130f141a387
Red Hat Security Advisory 2021-3949-01
Posted Oct 21, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3949-01 - Red Hat Advanced Cluster Management for Kubernetes 2.1.12 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains updates to one or more container images for Red Hat Advanced Cluster Management for Kubernetes. Issues addressed include denial of service, integer overflow, and out of bounds read vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2016-4658, CVE-2021-22543, CVE-2021-22922, CVE-2021-22923, CVE-2021-22924, CVE-2021-23840, CVE-2021-23841, CVE-2021-32626, CVE-2021-32627, CVE-2021-32628, CVE-2021-32672, CVE-2021-32675, CVE-2021-32687, CVE-2021-36222, CVE-2021-3653, CVE-2021-3656, CVE-2021-37576, CVE-2021-37750, CVE-2021-41099
SHA-256 | da3bb0a2f0aedf1b55d5f8cbbece5dc6749623ae797a40f9e1cf9bf6796ee1a4
Red Hat Security Advisory 2021-3943-01
Posted Oct 20, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3943-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2021-22543
SHA-256 | 23f081f7764e8ec092d0e1f6057a145873ecedb20bd40dbfd5ebf0f58339e22b
Red Hat Security Advisory 2021-3925-01
Posted Oct 20, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3925-01 - Red Hat Advanced Cluster Management for Kubernetes 2.3.3 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs and provide security updates. Issues addressed include denial of service, information leakage, integer overflow, and out of bounds read vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2016-4658, CVE-2020-25648, CVE-2021-21670, CVE-2021-21671, CVE-2021-22543, CVE-2021-22922, CVE-2021-22923, CVE-2021-22924, CVE-2021-23017, CVE-2021-23840, CVE-2021-23841, CVE-2021-25741, CVE-2021-32626, CVE-2021-32627, CVE-2021-32628, CVE-2021-32672, CVE-2021-32675, CVE-2021-32687, CVE-2021-32690, CVE-2021-36222, CVE-2021-3653, CVE-2021-3656, CVE-2021-37576, CVE-2021-37750, CVE-2021-41099
SHA-256 | fd1035fefbb8b3d06fa3e4a659771a25d330eb9fd90f1ff55f4f16a1d0ab3d2c
Red Hat Security Advisory 2021-3801-01
Posted Oct 13, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3801-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a bypass vulnerability.

tags | advisory, kernel, bypass
systems | linux, redhat
advisories | CVE-2021-22543, CVE-2021-3653, CVE-2021-3656, CVE-2021-37576
SHA-256 | 43375940a511d5f02ee335cf93c2c5063eb0463c68eccf3009a5851833c8ca76
Red Hat Security Advisory 2021-3802-01
Posted Oct 13, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3802-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a bypass vulnerability.

tags | advisory, kernel, bypass
systems | linux, redhat
advisories | CVE-2021-22543, CVE-2021-3653, CVE-2021-3656
SHA-256 | 5b1ebe261d92ad6242105967277f1111639d4d7c9644a3c0390ce169899a22f4
Red Hat Security Advisory 2021-3812-01
Posted Oct 12, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3812-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass and out of bounds write vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-22543, CVE-2021-22555, CVE-2021-3653, CVE-2021-3656, CVE-2021-37576
SHA-256 | d2eac6f1add09be972a2780c9efa45b78b7848496f88beb863ed2785ea677c2b
Red Hat Security Advisory 2021-3814-01
Posted Oct 12, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3814-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include bypass and out of bounds write vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-22543, CVE-2021-22555, CVE-2021-37576
SHA-256 | 3b1a2d1cc68dcb5014deed6689fcfa5c1174b58abbd6f4aaeb3a5cb1167ea7dd
Red Hat Security Advisory 2021-3768-01
Posted Oct 12, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3768-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a bypass vulnerability.

tags | advisory, kernel, bypass
systems | linux, redhat
advisories | CVE-2021-22543, CVE-2021-37576
SHA-256 | 408e82b35f69cdab725a569554c6e9fe4c67388615c9ecea449d9e529d4e5aa8
Red Hat Security Advisory 2021-3767-02
Posted Oct 12, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3767-02 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a bypass vulnerability.

tags | advisory, kernel, bypass
systems | linux, redhat
advisories | CVE-2021-22543, CVE-2021-3653
SHA-256 | 39ad8c0e4cee4588c9eb7b845059e4ae01204b26fa6ba2d6593a7f87ce11af92
Red Hat Security Advisory 2021-3766-01
Posted Oct 12, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3766-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a bypass vulnerability.

tags | advisory, kernel, bypass
systems | linux, redhat
advisories | CVE-2021-22543, CVE-2021-37576
SHA-256 | ed3ba4657067e5599b1221d740c6c04e6b0c9debfd381a997642e8c8399c58f5
Ubuntu Security Notice USN-5106-1
Posted Oct 7, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5106-1 - Valentina Palmiotti discovered that the io_uring subsystem in the Linux kernel could be coerced to free adjacent memory. A local attacker could use this to execute arbitrary code. It was discovered that the Linux kernel did not properly enforce certain types of entries in the Secure Boot Forbidden Signature Database protection mechanism. An attacker could use this to bypass UEFI Secure Boot restrictions. Various other issues were also addressed.

tags | advisory, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-26541, CVE-2021-22543, CVE-2021-3612, CVE-2021-38160, CVE-2021-38199, CVE-2021-41073
SHA-256 | e6f1f8e07840dd321cac128c3e684c8a455cc504df4df29a372d0a536fd65241
Red Hat Security Advisory 2021-3725-01
Posted Oct 5, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3725-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass and out of bounds write vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-22543, CVE-2021-22555, CVE-2021-32399, CVE-2021-37576
SHA-256 | 7f735d3b9f335568e537bf87b297d4d999b27ae17dfdcdf3cbb9a64d9adf1e4d
Ubuntu Security Notice USN-5094-2
Posted Oct 1, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5094-2 - It was discovered that the KVM hypervisor implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. An attacker who could start and control a VM could possibly use this to expose sensitive information or execute arbitrary code. It was discovered that the tracing subsystem in the Linux kernel did not properly keep track of per-cpu ring buffer state. A privileged attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2021-22543, CVE-2021-3679, CVE-2021-3732, CVE-2021-38204, CVE-2021-38205
SHA-256 | d31622e283cd38f8cb186bd7afe5560894a41bd02dd928f9715cafc78b2e7e09
Ubuntu Security Notice USN-5094-1
Posted Sep 29, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5094-1 - It was discovered that the KVM hypervisor implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. An attacker who could start and control a VM could possibly use this to expose sensitive information or execute arbitrary code. It was discovered that the tracing subsystem in the Linux kernel did not properly keep track of per-cpu ring buffer state. A privileged attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2021-22543, CVE-2021-3679, CVE-2021-3732, CVE-2021-37576, CVE-2021-38204, CVE-2021-38205
SHA-256 | 61410dbe4257dd87ae714e3f86a082bb3acae0802b9d7ce2e4fc034d086c4838
Ubuntu Security Notice USN-5071-3
Posted Sep 22, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5071-3 - It was discovered that the KVM hypervisor implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. An attacker who could start and control a VM could possibly use this to expose sensitive information or execute arbitrary code. Murray McAllister discovered that the joystick device interface in the Linux kernel did not properly validate data passed via an ioctl. A local attacker could use this to cause a denial of service or possibly execute arbitrary code on systems with a joystick device registered. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-22543, CVE-2021-3612
SHA-256 | 63399d9c49059cdc5bb64c4bf9375adf331d0157df9b1c540a9a4d22a0397474
Red Hat Security Advisory 2021-3598-01
Posted Sep 21, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3598-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-22543, CVE-2021-22555, CVE-2021-27218, CVE-2021-33195, CVE-2021-33197, CVE-2021-33198, CVE-2021-34558, CVE-2021-3609, CVE-2021-37576, CVE-2021-38201, CVE-2021-38575
SHA-256 | 3a62781802214e6eb77a0d28fc9fa05ebee3d12366b8219cccc000ace400db7e
Ubuntu Security Notice USN-5071-2
Posted Sep 17, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5071-2 - USN-5071-1 fixed vulnerabilities in the Linux kernel for Ubuntu 20.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 20.04 LTS for Ubuntu 18.04 LTS. Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory. Various other issues were also addressed.

tags | advisory, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-36311, CVE-2021-22543, CVE-2021-3612, CVE-2021-3653, CVE-2021-3656
SHA-256 | 08286776d53ae93088aee6f142faa0c27c8411ae4ab3530488089971ed861760
Ubuntu Security Notice USN-5070-1
Posted Sep 9, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5070-1 - Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory. Maxim Levitsky discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel did not properly prevent a guest VM from enabling AVIC in nested guest VMs. An attacker in a guest VM could use this to write to portions of the host's physical memory. Various other issues were also addressed.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2020-26541, CVE-2021-22543, CVE-2021-34693, CVE-2021-3612, CVE-2021-3653, CVE-2021-3656, CVE-2021-38198, CVE-2021-38200, CVE-2021-38206, CVE-2021-38207
SHA-256 | a3a2b8603d4257f8b0d4a21be470c82fa48b4774dc9e390edb98c4d8a1ce252a
Ubuntu Security Notice USN-5071-1
Posted Sep 9, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5071-1 - Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory. Maxim Levitsky discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel did not properly prevent a guest VM from enabling AVIC in nested guest VMs. An attacker in a guest VM could use this to write to portions of the host's physical memory. Various other issues were also addressed.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2020-36311, CVE-2021-22543, CVE-2021-3612, CVE-2021-3653, CVE-2021-3656
SHA-256 | 7801f4ce6a4419b3f2f1341fe4341924324976da2dd67f2e555b930b05113149
Red Hat Security Advisory 2021-3454-01
Posted Sep 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3454-01 - Red Hat Advanced Cluster Management for Kubernetes 2.3.2 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs and security issues.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-20149, CVE-2020-27777, CVE-2021-22543, CVE-2021-22555, CVE-2021-27218, CVE-2021-29154, CVE-2021-29650, CVE-2021-31535, CVE-2021-32399, CVE-2021-33195, CVE-2021-33197, CVE-2021-33198, CVE-2021-34558, CVE-2021-3609
SHA-256 | ededc503492f31daf90a74b29a6e64b1e7ee98978cd963f10901af9667484f8e
Red Hat Security Advisory 2021-3262-01
Posted Sep 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3262-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.7.28.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-22543, CVE-2021-22555, CVE-2021-27218, CVE-2021-3121, CVE-2021-3609
SHA-256 | f37b42defebec364c01fe40a389041ab038a2ebaa9c66663dc7cc5a6686caeaf
Page 1 of 2
Back12Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    6 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close