CVE-2021-4093
Description
A flaw was found in the KVMs AMD code for supporting the Secure Encrypted Virtualization-Encrypted State (SEV-ES). A KVM guest using SEV-ES can trigger out-of-bounds reads and writes in the host kernel via a malicious VMGEXIT for a string I/O instruction (for example, outs or ins) using the exit reason SVM_EXIT_IOIO. This issue results in a crash of the entire system or a potential guest-to-host escape scenario.
Risk Information
Base Score
8.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.09
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Linux kernel (USN-5265-1) linux-image-aws_5.13.0.1012.13_amd64.deb | Linux |
| Linux kernel (USN-5265-1) linux-image-aws_5.13.0.1015.16~20.04.8_amd64.deb | Linux |
| Linux kernel (USN-5265-1) linux-image-gcp_5.13.0.1013.12_amd64.deb | Linux |
| Linux kernel (USN-5265-1) linux-image-gcp_5.13.0.1015.18~20.04.2_amd64.deb | Linux |
| Linux kernel (USN-5265-1) linux-image-gke_5.13.0.1013.12_amd64.deb | Linux |
| Linux kernel (USN-5265-1) linux-image-kvm_5.13.0.1011.11_amd64.deb | Linux |
| Linux kernel (USN-5265-1) linux-image-oracle_5.13.0.1016.16_amd64.deb | Linux |
| Linux kernel (USN-5265-1) linux-image-oracle_5.13.0.1019.23~20.04.1_amd64.deb | Linux |
| Linux kernel (USN-5265-1) linux-image-generic_5.13.0.28.38_amd64.deb | Linux |
| Linux kernel (USN-5265-1) linux-image-virtual_5.13.0.28.38_amd64.deb | Linux |
| Linux kernel (USN-5265-1) linux-image-oem-20.04_5.13.0.28.38_amd64.deb | Linux |
| Linux kernel (USN-5265-1) linux-image-lowlatency_5.13.0.28.38_amd64.deb | Linux |
| Linux kernel (USN-5265-1) linux-image-oem-20.04c_5.13.0.1029.31_amd64.deb | Linux |
| Linux kernel (USN-5265-1) linux-image-5.11.0-1029-gcp_5.11.0-1029.33~20.04.3_amd64.deb | Linux |
| Linux kernel (USN-5265-1) linux-image-5.13.0-1011-kvm_5.13.0-1011.12_amd64.deb | Linux |
| Linux kernel (USN-5265-1) linux-image-5.13.0-1012-aws_5.13.0-1012.13_amd64.deb | Linux |
| Linux kernel (USN-5265-1) linux-image-5.13.0-1013-gcp_5.13.0-1013.16_amd64.deb | Linux |
| Linux kernel (USN-5265-1) linux-image-5.13.0-1029-oem_5.13.0-1029.36_amd64.deb | Linux |
| Linux kernel (USN-5265-1) linux-image-5.13.0-28-generic_5.13.0-28.31_amd64.deb | Linux |
| Linux kernel (USN-5265-1) linux-image-5.13.0-28-generic_5.13.0-28.31~20.04.1_amd64.deb | Linux |
| Linux kernel (USN-5265-1) linux-image-generic-hwe-20.04_5.13.0.28.31~20.04.15_amd64.deb | Linux |
| Linux kernel (USN-5265-1) linux-image-virtual-hwe-20.04_5.13.0.28.31~20.04.15_amd64.deb | Linux |
| Linux kernel (USN-5265-1) linux-image-5.11.0-1028-oracle_5.11.0-1028.31~20.04.1_amd64.deb | Linux |
| Linux kernel (USN-5265-1) linux-image-5.13.0-1016-oracle_5.13.0-1016.20_amd64.deb | Linux |
| Linux kernel (USN-5265-1) linux-image-5.13.0-28-lowlatency_5.13.0-28.31_amd64.deb | Linux |
| Linux kernel (USN-5265-1) linux-image-5.13.0-28-lowlatency_5.13.0-28.31~20.04.1_amd64.deb | Linux |
| Linux kernel (USN-5265-1) linux-image-lowlatency-hwe-20.04_5.13.0.28.31~20.04.15_amd64.deb | Linux |
| Linux kernel (USN-5265-1) linux-image-5.11.0-1028-azure_5.11.0-1028.31~20.04.2_amd64.deb | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234