摘要:
A NULL pointer dereference was found in the Linux kernel s KVM when dirty ring logging is enabled without an active vCPU context. An unprivileged local attacker on the host may use this flaw to cause a kernel oops condition and thus a denial of service by issuing a KVM_XEN_HVM_SET_ATTR ioctl. This flaw affects Linux kernel versions prior to 5.17-rc1.
安全等级: Low
公告ID: KylinSec-SA-2022-1403
发布日期: 2022年4月29日
关联CVE: CVE-2021-4095
A NULL pointer dereference was found in the Linux kernel s KVM when dirty ring logging is enabled without an active vCPU context. An unprivileged local attacker on the host may use this flaw to cause a kernel oops condition and thus a denial of service by issuing a KVM_XEN_HVM_SET_ATTR ioctl. This flaw affects Linux kernel versions prior to 5.17-rc1.
| cve名称 | 产品 | 组件 | 是否受影响 |
|---|---|---|---|
| CVE-2021-4095 | KY3.4-4A | kernel | Unaffected |
| CVE-2021-4095 | KY3.4-5 | kernel | Unaffected |
| CVE-2021-4095 | KY3.5.1 | kernel | Unaffected |
