CVE-2021-3656
high-risk
Published 2022-03-04
A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "virt_ext" field, this issue could allow a malicious L1 to disable both VMLOAD/VMSAVE intercepts and VLS (Virtual VMLOAD/VMSAVE) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape.
Do I need to act?
-
0.07% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
8
CVSS 8.8/10
High
LOCAL
/ LOW complexity
Affected Products (20)
Affected Vendors
References (8)
Issue Tracking
https://bugzilla.redhat.com/show_bug.cgi?id=1983988
Issue Tracking
https://bugzilla.redhat.com/show_bug.cgi?id=1983988
54
/ 100
high-risk
Severity
27/34 · High
Exploitability
0/34 · Minimal
Exposure
27/34 · High