File _patchinfo of Package patchinfo.21166

Overview Repositories Revisions Requests Users Attributes Meta

File _patchinfo of Package patchinfo.21166

<patchinfo incident="21166">
  <issue id="1189278" tracker="bnc">VUL-0: CVE-2021-38198: kernel live patch: arch/x86/kvm/mmu/paging_tmpl.h in the Linux kernel before 5.12.11 incorrectly computes the access permissions of a shadow page</issue>
  <issue id="1189418" tracker="bnc">VUL-0: CVE-2021-3656: kernel live patch: missing validation of the the `virt_ext` VMCB field and allows a malicious L1 guest to disable both VMLOAD/VMSAVE intercepts and VLS for the L2 guest</issue>
  <issue id="1189420" tracker="bnc">VUL-0: CVE-2021-3653: kernel live patch: kvm: missing validation of the `int_ctl` VMCB field and allows a malicious L1 guest to enable AVIC support for the L2 guest.</issue>
  <issue id="2021-3653" tracker="cve" />
  <issue id="2021-3656" tracker="cve" />
  <issue id="2021-38198" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>nstange</packager>
  <description>This update for the Linux Kernel 4.12.14-197_89 fixes several issues.

The following security issues were fixed:

- CVE-2021-3653: Fixed missing validation of the KVM `int_ctl` VMCB field that would have allowed a malicious L1 guest to enable AVIC support for the L2 guest (bsc#1189420).
- CVE-2021-3656: Fixed KVM nSVM nested VMLOAD/VMSAVE interception (bsc#1189418).
- CVE-2021-38198: Fixed KVM MMU to use the correct inherited permissions to get shadow page (bsc#1189278).
</description>
<summary>Security update for the Linux Kernel (Live Patch 24 for SLE 15 SP1)</summary>
</patchinfo>

Places

File _patchinfo of Package patchinfo.21166

Places