HIGH🇵🇱 Wersja polska

CVE-2021-3656

CVSS 8.8v3.1pub. 2022-03-04upd. 2024-11-21

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "virt_ext" field, this issue could allow a malicious L1 to disable both VMLOAD/VMSAVE intercepts and VLS (Virtual VMLOAD/VMSAVE) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape.

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
  • Fedora Project Fedora

    OS
    Fedoraproject
    3334
  • Linux Kernel

    OS
    Linux
    5.145.5 – 5.10.60 (bez)5.11 – 5.13.12 (bez)4.13 – 4.14.245 (bez)4.15 – 4.19.205 (bez)4.20 – 5.4.142 (bez)
  • Red Hat 3scale Api Management

    APP
    Redhat
    2.0
  • Red Hat Codeready Linux Builder

    APP
    Redhat
    wszystkie wersje
  • Red Hat Enterprise Linux

    OS
    Redhat
    7.08.0
  • Red Hat Enterprise Linux Desktop

    OS
    Redhat
    7.0
  • Red Hat Enterprise Linux Eus

    OS
    Redhat
    8.18.28.4
  • Red Hat Enterprise Linux For IBM Z Systems

    OS
    Redhat
    7.08.0
  • Red Hat Enterprise Linux For IBM Z Systems Eus

    OS
    Redhat
    8.18.28.4
  • Red Hat Enterprise Linux For Power Big Endian

    OS
    Redhat
    7.0
  • Red Hat Enterprise Linux For Power Little Endian

    OS
    Redhat
    7.08.0
  • Red Hat Enterprise Linux For Power Little Endian Eus

    OS
    Redhat
    8.18.28.4
  • Red Hat Enterprise Linux For Real Time

    OS
    Redhat
    78
  • Red Hat Enterprise Linux For Real Time For Nfv

    OS
    Redhat
    78
  • Red Hat Enterprise Linux For Real Time For Nfv Tus

    OS
    Redhat
    8.28.4
  • Red Hat Enterprise Linux For Real Time Tus

    OS
    Redhat
    8.28.4
  • Red Hat Enterprise Linux For Scientific Computing

    OS
    Redhat
    7.0
  • Red Hat Enterprise Linux Server

    OS
    Redhat
    7.0
  • Red Hat Enterprise Linux Server Aus

    OS
    Redhat
    7.67.78.28.4
  • Red Hat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions

    OS
    Redhat
    7.68.18.28.4
  • Red Hat Enterprise Linux Server Tus

    OS
    Redhat
    7.67.78.28.4
  • Red Hat Enterprise Linux Server Update Services For Sap Solutions

    OS
    Redhat
    7.67.78.18.28.4
  • Red Hat Enterprise Linux Workstation

    OS
    Redhat
    7.0
  • Red Hat Openstack

    APP
    Redhat
    13
  • Red Hat Software Collections

    APP
    Redhat
    wszystkie wersje
  • Red Hat Virtualization Host

    APP
    Redhat
    4.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2025-10585CRITICAL9.8⚠ KEVPL ✓ten sam produkt

Type confusion w V8 (Google Chrome) — zdalne uszkodzenie sterty

CVE-2025-32463CRITICAL9.3⚠ KEVPL ✓ten sam produkt

Sudo: eskalacja uprawnień do root poprzez opcję --chroot (CVE-2025-32463)

CVE-2025-34028CRITICAL9.3⚠ KEVPL ✓ten sam produkt

Commvault Command Center – nieuwierzytelniony RCE przez path traversal w ZIP

CVE-2024-4577CRITICAL9.8⚠ KEVPL ✓ten sam produkt

PHP CGI argument injection – RCE na Windows przez mechanizm Best-Fit

CVE-2024-5274CRITICAL9.6⚠ KEVPL ✓ten sam produkt

Type Confusion w V8 (Google Chrome) — RCE przez spreparowaną stronę HTML