#VU56018 Buffer overflow


Published: 2021-08-20

Vulnerability identifier: #VU56018

Vulnerability risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-22543

CWE-ID: CWE-119

Exploitation vector: Local

Exploit availability: Yes

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error in Linux kernel when handling VM_IO|VM_PFNMAP vmas in KVM. A local user can  can bypass RO checks and cause the pages to get freed while still accessible by the VMM and guest. As a result, an attacker with the ability to start and control a VM to read/write random pages of memory, can trigger memory corruption and execute arbitrary code with elevated privileges.


Mitigation
Install updates from vendor's website.

Vulnerable software versions

Linux kernel: All versions


CPE

External links
http://github.com/google/security-research/security/advisories/GHSA-7wq5-phmq-m584
http://www.openwall.com/lists/oss-security/2021/06/26/1
http://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ROQIXQB7ZAWI3KSGSHR6H5RDUWZI775S/
http://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4G5YBUVEPHZYXMKNGBZ3S6INFCTEEL4E/


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?


Latest bulletins with this vulnerability