ALAS2-2021-1699 --- kernelID: oval:org.secpod.oval:def:1700699 | Date: (C)2021-08-26 (M)2024-06-05 |
Class: PATCH | Family: unix |
A flaw was found in the Linux kernel"s KVM implementation, where improper handing of the VM_IO|VM_PFNMAP VMAs in KVM bypasses RO checks and leads to pages being freed while still accessible by the VMM and guest. This flaw allows users who can start and control a VM to read/write random pages of memory, resulting in local privilege escalation. The highest threat from this vulnerability is to confidentiality, integrity, and system availability
Product: |
kernel |
python-perf |
perf |