CVE-2021-4095
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
2Exploited in Wild
-Decision
Descriptions
A NULL pointer dereference was found in the Linux kernel's KVM when dirty ring logging is enabled without an active vCPU context. An unprivileged local attacker on the host may use this flaw to cause a kernel oops condition and thus a denial of service by issuing a KVM_XEN_HVM_SET_ATTR ioctl. This flaw affects Linux kernel versions prior to 5.17-rc1.
Se encontró una desreferencia de puntero NULL en el KVM del kernel de Linux cuando se habilita el registro de anillo sucio sin un contexto de vCPU activo. Un atacante local no privilegiado en el host puede usar este fallo para causar una condición de oops del kernel y, por tanto, una denegación de servicio emitiendo un ioctl KVM_XEN_HVM_SET_ATTR. Este fallo afecta a el kernel de Linux versiones anteriores a 5.17-rc1
CVSS Scores
SSVC
- Decision:-
Timeline
- 2021-12-10 CVE Reserved
- 2022-03-08 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-03 CVE Updated
- 2024-08-03 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-476: NULL Pointer Dereference
CAPEC
References (4)
URL | Tag | Source |
---|
URL | Date | SRC |
---|---|---|
http://www.openwall.com/lists/oss-security/2022/01/17/1 | 2024-08-03 | |
https://bugzilla.redhat.com/show_bug.cgi?id=2031194 | 2024-08-03 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | <= 5.16 Search vendor "Linux" for product "Linux Kernel" and version " <= 5.16" | - |
Affected
| ||||||
Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 34 Search vendor "Fedoraproject" for product "Fedora" and version "34" | - |
Affected
| ||||||
Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 35 Search vendor "Fedoraproject" for product "Fedora" and version "35" | - |
Affected
|