Home

CVE-2021-3501

Description

A flaw was found in the Linux kernel in versions before 5.12. The value of internal.ndata, in the KVM API, is mapped to an array index, which can be updated by a user process at anytime which could lead to an out-of-bounds write. The highest threat from this vulnerability is to data integrity and system availability.

Risk Information

Base Score
7.1
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
EPSS Score
Exploitation Probability
0.042

Associated Vulnerability

VulnerabilityOS Platform
(RHSA-2021:2165) kpatch-patch security update kpatch-patch-4_18_0-305-1-1.el8.x86_64.rpmLinux
(RHSA-2021:2165) kpatch-patch security update kpatch-patch-4_18_0-305-debugsource-1-1.el8.x86_64.rpmLinux
(RHSA-2021:2168) kernel security and bug fix update bpftool-4.18.0-305.3.1.el8_4.x86_64.rpmLinux
(RHSA-2021:2168) kernel security and bug fix update kernel-4.18.0-305.3.1.el8_4.x86_64.rpmLinux
(RHSA-2021:2168) kernel security and bug fix update kernel-abi-stablelists-4.18.0-305.3.1.el8_4.noarch.rpmLinux
(RHSA-2021:2168) kernel security and bug fix update kernel-core-4.18.0-305.3.1.el8_4.x86_64.rpmLinux
(RHSA-2021:2168) kernel security and bug fix update kernel-cross-headers-4.18.0-305.3.1.el8_4.x86_64.rpmLinux
(RHSA-2021:2168) kernel security and bug fix update kernel-debug-4.18.0-305.3.1.el8_4.x86_64.rpmLinux
(RHSA-2021:2168) kernel security and bug fix update kernel-debug-core-4.18.0-305.3.1.el8_4.x86_64.rpmLinux
(RHSA-2021:2168) kernel security and bug fix update kernel-debug-devel-4.18.0-305.3.1.el8_4.x86_64.rpmLinux
(RHSA-2021:2168) kernel security and bug fix update kernel-debug-modules-4.18.0-305.3.1.el8_4.x86_64.rpmLinux
(RHSA-2021:2168) kernel security and bug fix update kernel-debug-modules-extra-4.18.0-305.3.1.el8_4.x86_64.rpmLinux
(RHSA-2021:2168) kernel security and bug fix update kernel-devel-4.18.0-305.3.1.el8_4.x86_64.rpmLinux
(RHSA-2021:2168) kernel security and bug fix update kernel-doc-4.18.0-305.3.1.el8_4.noarch.rpmLinux
(RHSA-2021:2168) kernel security and bug fix update kernel-headers-4.18.0-305.3.1.el8_4.x86_64.rpmLinux
(RHSA-2021:2168) kernel security and bug fix update kernel-modules-4.18.0-305.3.1.el8_4.x86_64.rpmLinux
(RHSA-2021:2168) kernel security and bug fix update kernel-modules-extra-4.18.0-305.3.1.el8_4.x86_64.rpmLinux
(RHSA-2021:2168) kernel security and bug fix update kernel-tools-4.18.0-305.3.1.el8_4.x86_64.rpmLinux
(RHSA-2021:2168) kernel security and bug fix update kernel-tools-libs-4.18.0-305.3.1.el8_4.x86_64.rpmLinux
(RHSA-2021:2168) kernel security and bug fix update perf-4.18.0-305.3.1.el8_4.x86_64.rpmLinux
(RHSA-2021:2168) kernel security and bug fix update python3-perf-4.18.0-305.3.1.el8_4.x86_64.rpmLinux
Linux kernel (USN-4977-1) linux-image-aws_5.11.0.1008.8_amd64.debLinux
Linux kernel (USN-4977-1) linux-image-gcp_5.11.0.1008.8_amd64.debLinux
Linux kernel (USN-4977-1) linux-image-gke_5.11.0.1008.8_amd64.debLinux
Linux kernel (USN-4977-1) linux-image-kvm_5.11.0.1008.8_amd64.debLinux
Linux kernel (USN-4977-1) linux-image-azure_5.11.0.1006.6_amd64.debLinux
Linux kernel (USN-4977-1) linux-image-oracle_5.11.0.1007.7_amd64.debLinux
Linux kernel (USN-4977-1) linux-image-generic_5.11.0.18.19_amd64.debLinux
Linux kernel (USN-4977-1) linux-image-virtual_5.11.0.18.19_amd64.debLinux
Linux kernel (USN-4977-1) linux-image-lowlatency_5.11.0.18.19_amd64.debLinux
Linux kernel (USN-4977-1) linux-image-5.11.0-1008-aws_5.11.0-1008.8_amd64.debLinux
Linux kernel (USN-4977-1) linux-image-5.11.0-1008-gcp_5.11.0-1008.9_amd64.debLinux
Linux kernel (USN-4977-1) linux-image-5.11.0-1008-kvm_5.11.0-1008.8_amd64.debLinux
Linux kernel (USN-4977-1) linux-image-5.11.0-1006-azure_5.11.0-1006.6_amd64.debLinux
Linux kernel (USN-4977-1) linux-image-5.11.0-18-generic_5.11.0-18.19_amd64.debLinux
Linux kernel (USN-4977-1) linux-image-5.11.0-1007-oracle_5.11.0-1007.7_amd64.debLinux
Linux kernel (USN-4977-1) linux-image-5.11.0-18-lowlatency_5.11.0-18.19_amd64.debLinux
Bpftool update (ELSA-2021-2168) bpftool-4.18.0-305.3.1.el8_4.x86_64.rpmLinux
Kernel update (ELSA-2021-2168) kernel-4.18.0-305.3.1.el8_4.x86_64.rpmLinux
Kernel-abi-stablelists update (ELSA-2021-2168) kernel-abi-stablelists-4.18.0-305.3.1.el8_4.noarch.rpmLinux
Kernel-core update (ELSA-2021-2168) kernel-core-4.18.0-305.3.1.el8_4.x86_64.rpmLinux
Kernel-cross-headers update (ELSA-2021-2168) kernel-cross-headers-4.18.0-305.3.1.el8_4.x86_64.rpmLinux
Kernel-debug update (ELSA-2021-2168) kernel-debug-4.18.0-305.3.1.el8_4.x86_64.rpmLinux
Kernel-debug-core update (ELSA-2021-2168) kernel-debug-core-4.18.0-305.3.1.el8_4.x86_64.rpmLinux
Kernel-debug-devel update (ELSA-2021-2168) kernel-debug-devel-4.18.0-305.3.1.el8_4.x86_64.rpmLinux
Kernel-debug-modules update (ELSA-2021-2168) kernel-debug-modules-4.18.0-305.3.1.el8_4.x86_64.rpmLinux
Kernel-debug-modules-extra update (ELSA-2021-2168) kernel-debug-modules-extra-4.18.0-305.3.1.el8_4.x86_64.rpmLinux
Kernel-devel update (ELSA-2021-2168) kernel-devel-4.18.0-305.3.1.el8_4.x86_64.rpmLinux
Kernel-doc update (ELSA-2021-2168) kernel-doc-4.18.0-305.3.1.el8_4.noarch.rpmLinux
Kernel-headers update (ELSA-2021-2168) kernel-headers-4.18.0-305.3.1.el8_4.x86_64.rpmLinux
Kernel-modules update (ELSA-2021-2168) kernel-modules-4.18.0-305.3.1.el8_4.x86_64.rpmLinux
Kernel-modules-extra update (ELSA-2021-2168) kernel-modules-extra-4.18.0-305.3.1.el8_4.x86_64.rpmLinux
Kernel-tools update (ELSA-2021-2168) kernel-tools-4.18.0-305.3.1.el8_4.x86_64.rpmLinux
Kernel-tools-libs update (ELSA-2021-2168) kernel-tools-libs-4.18.0-305.3.1.el8_4.x86_64.rpmLinux
Kernel-tools-libs-devel update (ELSA-2021-2168) kernel-tools-libs-devel-4.18.0-305.3.1.el8_4.x86_64.rpmLinux
Perf update (ELSA-2021-2168) perf-4.18.0-305.3.1.el8_4.x86_64.rpmLinux
Python3-perf update (ELSA-2021-2168) python3-perf-4.18.0-305.3.1.el8_4.x86_64.rpmLinux
Linux kernel for OEM systems (USN-4983-1) linux-image-oem-20.04_5.10.0.1029.30_amd64.debLinux
Linux kernel for OEM systems (USN-4983-1) linux-image-oem-20.04b_5.10.0.1029.30_amd64.debLinux
Linux kernel for OEM systems (USN-4983-1) linux-image-5.10.0-1029-oem_5.10.0-1029.30_amd64.debLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234