First published: Mon Jul 19 2021(Updated: )
A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "int_ctl" field, this issue could allow a malicious L1 to enable AVIC support (Advanced Virtual Interrupt Controller) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape.
Credit: secalert@redhat.com secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/kernel-rt | <0:3.10.0-1160.45.1.rt56.1185.el7 | 0:3.10.0-1160.45.1.rt56.1185.el7 |
redhat/kernel | <0:3.10.0-1160.45.1.el7 | 0:3.10.0-1160.45.1.el7 |
redhat/kernel | <0:3.10.0-327.101.1.el7 | 0:3.10.0-327.101.1.el7 |
redhat/kernel | <0:3.10.0-514.95.1.el7 | 0:3.10.0-514.95.1.el7 |
redhat/kernel | <0:3.10.0-693.95.1.el7 | 0:3.10.0-693.95.1.el7 |
redhat/kernel | <0:3.10.0-957.84.1.el7 | 0:3.10.0-957.84.1.el7 |
redhat/kernel | <0:3.10.0-1062.59.1.el7 | 0:3.10.0-1062.59.1.el7 |
redhat/kernel-rt | <0:4.18.0-305.19.1.rt7.91.el8_4 | 0:4.18.0-305.19.1.rt7.91.el8_4 |
redhat/kernel | <0:4.18.0-305.19.1.el8_4 | 0:4.18.0-305.19.1.el8_4 |
redhat/kernel | <0:4.18.0-147.56.1.el8_1 | 0:4.18.0-147.56.1.el8_1 |
redhat/kernel-rt | <0:4.18.0-193.68.1.rt13.118.el8_2 | 0:4.18.0-193.68.1.rt13.118.el8_2 |
redhat/kernel | <0:4.18.0-193.68.1.el8_2 | 0:4.18.0-193.68.1.el8_2 |
Linux Linux kernel | >=2.6.30<4.4.282 | |
Linux Linux kernel | >=4.5<4.9.281 | |
Linux Linux kernel | >=4.10<4.14.245 | |
Linux Linux kernel | >=4.15<4.19.205 | |
Linux Linux kernel | >=4.20<5.4.142 | |
Linux Linux kernel | >=5.5<5.10.60 | |
Linux Linux kernel | >=5.11<5.13.12 | |
Linux Linux kernel | =5.14-rc1 | |
Linux Linux kernel | =5.14-rc2 | |
Linux Linux kernel | =5.14-rc3 | |
Linux Linux kernel | =5.14-rc4 | |
Linux Linux kernel | =5.14-rc5 | |
Linux Linux kernel | =5.14-rc6 | |
Redhat Enterprise Linux | =7.0 | |
Debian Debian Linux | =9.0 | |
redhat/kernel | <5.14 | 5.14 |
debian/linux | 5.10.223-1 5.10.226-1 6.1.115-1 6.1.119-1 6.11.10-1 6.12.5-1 |
This vulnerability can be mitigated by disabling the nested virtualization feature: ``` # modprobe -r kvm_amd # modprobe kvm_amd nested=0 ```
Disable nested virtualisation when loading the KVM AMD module: modprobe kvm_amd nested=0
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Appears in the following advisories)