CVE-2021-3656
See a problem?- Source
- https://nvd.nist.gov/vuln/detail/CVE-2021-3656
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-3656.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2021-3656
- Related
- Published
- 2022-03-04T19:15:08Z
- Modified
- 2024-09-18T03:58:12.881198Z
- Severity
-
- 8.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "virt_ext" field, this issue could allow a malicious L1 to disable both VMLOAD/VMSAVE intercepts and VLS (Virtual VMLOAD/VMSAVE) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape.
- References
-
- https://www.openwall.com/lists/oss-security/2021/08/16/1
- https://git.kernel.org/pub/scm/virt/kvm/kvm.git/commit/?id=c7dfa4009965a9b2d7b329ee970eb8da0d32f0bc
- https://github.com/torvalds/linux/commit/c7dfa4009965a9b2d7b329ee970eb8da0d32f0bc
- https://bugzilla.redhat.com/show_bug.cgi?id=1983988
- https://security-tracker.debian.org/tracker/CVE-2021-3656
Affected packages
Debian:11 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:12 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Git / github.com/torvalds/linux
Affected ranges
- Type
- GIT
- Repo
- https://github.com/torvalds/linux
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
v2.*
v2.6.12
v2.6.12-rc2
v2.6.12-rc3
v2.6.12-rc4
v2.6.12-rc5
v2.6.12-rc6
v2.6.13
v2.6.13-rc1
v2.6.13-rc2
v2.6.13-rc3
v2.6.13-rc4
v2.6.13-rc5
v2.6.13-rc6
v2.6.13-rc7
v2.6.14
v2.6.14-rc1
v2.6.14-rc2
v2.6.14-rc3
v2.6.14-rc4
v2.6.14-rc5
v2.6.15
v2.6.15-rc1
v2.6.15-rc2
v2.6.15-rc3
v2.6.15-rc4
v2.6.15-rc5
v2.6.15-rc6
v2.6.15-rc7
v2.6.16
v2.6.16-rc1
v2.6.16-rc2
v2.6.16-rc3
v2.6.16-rc4
v2.6.16-rc5
v2.6.16-rc6
v2.6.17
v2.6.17-rc1
v2.6.17-rc2
v2.6.17-rc3
v2.6.17-rc4
v2.6.17-rc5
v2.6.17-rc6
v2.6.18
v2.6.18-rc1
v2.6.18-rc2
v2.6.18-rc3
v2.6.18-rc4
v2.6.18-rc5
v2.6.18-rc6
v2.6.18-rc7
v2.6.19
v2.6.19-rc1
v2.6.19-rc2
v2.6.19-rc3
v2.6.19-rc4
v2.6.19-rc5
v2.6.19-rc6
v2.6.20
v2.6.20-rc1
v2.6.20-rc2
v2.6.20-rc3
v2.6.20-rc4
v2.6.20-rc5
v2.6.20-rc6
v2.6.20-rc7
v2.6.21
v2.6.21-rc1
v2.6.21-rc2
v2.6.21-rc3
v2.6.21-rc4
v2.6.21-rc5
v2.6.21-rc6
v2.6.21-rc7
v2.6.22
v2.6.22-rc1
v2.6.22-rc2
v2.6.22-rc3
v2.6.22-rc4
v2.6.22-rc5
v2.6.22-rc6
v2.6.22-rc7
v2.6.23
v2.6.23-rc1
v2.6.23-rc2
v2.6.23-rc3
v2.6.23-rc4
v2.6.23-rc5
v2.6.23-rc6
v2.6.23-rc7
v2.6.23-rc8
v2.6.23-rc9
v2.6.24
v2.6.24-rc1
v2.6.24-rc2
v2.6.24-rc3
v2.6.24-rc4
v2.6.24-rc5
v2.6.24-rc6
v2.6.24-rc7
v2.6.24-rc8
v2.6.25
v2.6.25-rc1
v2.6.25-rc2
v2.6.25-rc3
v2.6.25-rc4
v2.6.25-rc5
v2.6.25-rc6
v2.6.25-rc7
v2.6.25-rc8
v2.6.25-rc9
v2.6.26
v2.6.26-rc1
v2.6.26-rc2
v2.6.26-rc3
v2.6.26-rc4
v2.6.26-rc5
v2.6.26-rc6
v2.6.26-rc7
v2.6.26-rc8
v2.6.26-rc9
v2.6.27
v2.6.27-rc1
v2.6.27-rc2
v2.6.27-rc3
v2.6.27-rc4
v2.6.27-rc5
v2.6.27-rc6
v2.6.27-rc7
v2.6.27-rc8
v2.6.27-rc9
v2.6.28
v2.6.28-rc1
v2.6.28-rc2
v2.6.28-rc3
v2.6.28-rc4
v2.6.28-rc5
v2.6.28-rc6
v2.6.28-rc7
v2.6.28-rc8
v2.6.28-rc9
v2.6.29
v2.6.29-rc1
v2.6.29-rc2
v2.6.29-rc3
v2.6.29-rc4
v2.6.29-rc5
v2.6.29-rc6
v2.6.29-rc7
v2.6.29-rc8
v2.6.30
v2.6.30-rc1
v2.6.30-rc2
v2.6.30-rc3
v2.6.30-rc4
v2.6.30-rc5
v2.6.30-rc6
v2.6.30-rc7
v2.6.30-rc8
v2.6.31
v2.6.31-rc1
v2.6.31-rc2
v2.6.31-rc3
v2.6.31-rc4
v2.6.31-rc5
v2.6.31-rc6
v2.6.31-rc7
v2.6.31-rc8
v2.6.31-rc9
v2.6.32
v2.6.32-rc1
v2.6.32-rc2
v2.6.32-rc3
v2.6.32-rc4
v2.6.32-rc5
v2.6.32-rc6
v2.6.32-rc7
v2.6.32-rc8
v2.6.33
v2.6.33-rc1
v2.6.33-rc2
v2.6.33-rc3
v2.6.33-rc4
v2.6.33-rc5
v2.6.33-rc6
v2.6.33-rc7
v2.6.33-rc8
v2.6.34
v2.6.34-rc1
v2.6.34-rc2
v2.6.34-rc3
v2.6.34-rc4
v2.6.34-rc5
v2.6.34-rc6
v2.6.34-rc7
v2.6.35
v2.6.35-rc1
v2.6.35-rc2
v2.6.35-rc3
v2.6.35-rc4
v2.6.35-rc5
v2.6.35-rc6
v2.6.36
v2.6.36-rc1
v2.6.36-rc2
v2.6.36-rc3
v2.6.36-rc4
v2.6.36-rc5
v2.6.36-rc6
v2.6.36-rc7
v2.6.36-rc8
v2.6.37
v2.6.37-rc1
v2.6.37-rc2
v2.6.37-rc3
v2.6.37-rc4
v2.6.37-rc5
v2.6.37-rc6
v2.6.37-rc7
v2.6.37-rc8
v2.6.38
v2.6.38-rc1
v2.6.38-rc2
v2.6.38-rc3
v2.6.38-rc4
v2.6.38-rc5
v2.6.38-rc6
v2.6.38-rc7
v2.6.38-rc8
v2.6.39
v2.6.39-rc1
v2.6.39-rc2
v2.6.39-rc3
v2.6.39-rc4
v2.6.39-rc5
v2.6.39-rc6
v2.6.39-rc7
v3.*
v3.0
v3.0-rc1
v3.0-rc2
v3.0-rc3
v3.0-rc4
v3.0-rc5
v3.0-rc6
v3.0-rc7
v3.1
v3.1-rc1
v3.1-rc10
v3.1-rc2
v3.1-rc3
v3.1-rc4
v3.1-rc5
v3.1-rc6
v3.1-rc7
v3.1-rc8
v3.1-rc9
v3.10
v3.10-rc1
v3.10-rc2
v3.10-rc3
v3.10-rc4
v3.10-rc5
v3.10-rc6
v3.10-rc7
v3.11
v3.11-rc1
v3.11-rc2
v3.11-rc3
v3.11-rc4
v3.11-rc5
v3.11-rc6
v3.11-rc7
v3.12
v3.12-rc1
v3.12-rc2
v3.12-rc3
v3.12-rc4
v3.12-rc5
v3.12-rc6
v3.12-rc7
v3.13
v3.13-rc1
v3.13-rc2
v3.13-rc3
v3.13-rc4
v3.13-rc5
v3.13-rc6
v3.13-rc7
v3.13-rc8
v3.14
v3.14-rc1
v3.14-rc2
v3.14-rc3
v3.14-rc4
v3.14-rc5
v3.14-rc6
v3.14-rc7
v3.14-rc8
v3.15
v3.15-rc1
v3.15-rc2
v3.15-rc3
v3.15-rc4
v3.15-rc5
v3.15-rc6
v3.15-rc7
v3.15-rc8
v3.16
v3.16-rc1
v3.16-rc2
v3.16-rc3
v3.16-rc4
v3.16-rc5
v3.16-rc6
v3.16-rc7
v3.17
v3.17-rc1
v3.17-rc2
v3.17-rc3
v3.17-rc4
v3.17-rc5
v3.17-rc6
v3.17-rc7
v3.18
v3.18-rc1
v3.18-rc2
v3.18-rc3
v3.18-rc4
v3.18-rc5
v3.18-rc6
v3.18-rc7
v3.19
v3.19-rc1
v3.19-rc2
v3.19-rc3
v3.19-rc4
v3.19-rc5
v3.19-rc6
v3.19-rc7
v3.2
v3.2-rc1
v3.2-rc2
v3.2-rc3
v3.2-rc4
v3.2-rc5
v3.2-rc6
v3.2-rc7
v3.3
v3.3-rc1
v3.3-rc2
v3.3-rc3
v3.3-rc4
v3.3-rc5
v3.3-rc6
v3.3-rc7
v3.4
v3.4-rc1
v3.4-rc2
v3.4-rc3
v3.4-rc4
v3.4-rc5
v3.4-rc6
v3.4-rc7
v3.5
v3.5-rc1
v3.5-rc2
v3.5-rc3
v3.5-rc4
v3.5-rc5
v3.5-rc6
v3.5-rc7
v3.6
v3.6-rc1
v3.6-rc2
v3.6-rc3
v3.6-rc4
v3.6-rc5
v3.6-rc6
v3.6-rc7
v3.7
v3.7-rc1
v3.7-rc2
v3.7-rc3
v3.7-rc4
v3.7-rc5
v3.7-rc6
v3.7-rc7
v3.7-rc8
v3.8
v3.8-rc1
v3.8-rc2
v3.8-rc3
v3.8-rc4
v3.8-rc5
v3.8-rc6
v3.8-rc7
v3.9
v3.9-rc1
v3.9-rc2
v3.9-rc3
v3.9-rc4
v3.9-rc5
v3.9-rc6
v3.9-rc7
v3.9-rc8
v4.*
v4.0
v4.0-rc1
v4.0-rc2
v4.0-rc3
v4.0-rc4
v4.0-rc5
v4.0-rc6
v4.0-rc7
v4.1
v4.1-rc1
v4.1-rc2
v4.1-rc3
v4.1-rc4
v4.1-rc5
v4.1-rc6
v4.1-rc7
v4.1-rc8
v4.10
v4.10-rc1
v4.10-rc2
v4.10-rc3
v4.10-rc4
v4.10-rc5
v4.10-rc6
v4.10-rc7
v4.10-rc8
v4.11
v4.11-rc1
v4.11-rc2
v4.11-rc3
v4.11-rc4
v4.11-rc5
v4.11-rc6
v4.11-rc7
v4.11-rc8
v4.12
v4.12-rc1
v4.12-rc2
v4.12-rc3
v4.12-rc4
v4.12-rc5
v4.12-rc6
v4.12-rc7
v4.13
v4.13-rc1
v4.13-rc2
v4.13-rc3
v4.13-rc4
v4.13-rc5
v4.13-rc6
v4.13-rc7
v4.14
v4.14-rc1
v4.14-rc2
v4.14-rc3
v4.14-rc4
v4.14-rc5
v4.14-rc6
v4.14-rc7
v4.14-rc8
v4.15
v4.15-rc1
v4.15-rc2
v4.15-rc3
v4.15-rc4
v4.15-rc5
v4.15-rc6
v4.15-rc7
v4.15-rc8
v4.15-rc9
v4.16
v4.16-rc1
v4.16-rc2
v4.16-rc3
v4.16-rc4
v4.16-rc5
v4.16-rc6
v4.16-rc7
v4.17
v4.17-rc1
v4.17-rc2
v4.17-rc3
v4.17-rc4
v4.17-rc5
v4.17-rc6
v4.17-rc7
v4.18
v4.18-rc1
v4.18-rc2
v4.18-rc3
v4.18-rc4
v4.18-rc5
v4.18-rc6
v4.18-rc7
v4.18-rc8
v4.19
v4.19-rc1
v4.19-rc2
v4.19-rc3
v4.19-rc4
v4.19-rc5
v4.19-rc6
v4.19-rc7
v4.19-rc8
v4.2
v4.2-rc1
v4.2-rc2
v4.2-rc3
v4.2-rc4
v4.2-rc5
v4.2-rc6
v4.2-rc7
v4.2-rc8
v4.20
v4.20-rc1
v4.20-rc2
v4.20-rc3
v4.20-rc4
v4.20-rc5
v4.20-rc6
v4.20-rc7
v4.3
v4.3-rc1
v4.3-rc2
v4.3-rc3
v4.3-rc4
v4.3-rc5
v4.3-rc6
v4.3-rc7
v4.4
v4.4-rc1
v4.4-rc2
v4.4-rc3
v4.4-rc4
v4.4-rc5
v4.4-rc6
v4.4-rc7
v4.4-rc8
v4.5
v4.5-rc1
v4.5-rc2
v4.5-rc3
v4.5-rc4
v4.5-rc5
v4.5-rc6
v4.5-rc7
v4.6
v4.6-rc1
v4.6-rc2
v4.6-rc3
v4.6-rc4
v4.6-rc5
v4.6-rc6
v4.6-rc7
v4.7
v4.7-rc1
v4.7-rc2
v4.7-rc3
v4.7-rc4
v4.7-rc5
v4.7-rc6
v4.7-rc7
v4.8
v4.8-rc1
v4.8-rc2
v4.8-rc3
v4.8-rc4
v4.8-rc5
v4.8-rc6
v4.8-rc7
v4.8-rc8
v4.9
v4.9-rc1
v4.9-rc2
v4.9-rc3
v4.9-rc4
v4.9-rc5
v4.9-rc6
v4.9-rc7
v4.9-rc8
v5.*
v5.0
v5.0-rc1
v5.0-rc2
v5.0-rc3
v5.0-rc4
v5.0-rc5
v5.0-rc6
v5.0-rc7
v5.0-rc8
v5.1
v5.1-rc1
v5.1-rc2
v5.1-rc3
v5.1-rc4
v5.1-rc5
v5.1-rc6
v5.1-rc7
v5.10
v5.10-rc1
v5.10-rc2
v5.10-rc3
v5.10-rc4
v5.10-rc5
v5.10-rc6
v5.10-rc7
v5.11
v5.11-rc1
v5.11-rc2
v5.11-rc3
v5.11-rc4
v5.11-rc5
v5.11-rc6
v5.11-rc7
v5.12
v5.12-rc1-dontuse
v5.12-rc2
v5.12-rc3
v5.12-rc4
v5.12-rc5
v5.12-rc6
v5.12-rc7
v5.12-rc8
v5.13
v5.13-rc1
v5.13-rc2
v5.13-rc3
v5.13-rc4
v5.13-rc5
v5.13-rc6
v5.13-rc7
v5.14-rc1
v5.14-rc2
v5.2
v5.2-rc1
v5.2-rc2
v5.2-rc3
v5.2-rc4
v5.2-rc5
v5.2-rc6
v5.2-rc7
v5.3
v5.3-rc1
v5.3-rc2
v5.3-rc3
v5.3-rc4
v5.3-rc5
v5.3-rc6
v5.3-rc7
v5.3-rc8
v5.4
v5.4-rc1
v5.4-rc2
v5.4-rc3
v5.4-rc4
v5.4-rc5
v5.4-rc6
v5.4-rc7
v5.4-rc8
v5.5
v5.5-rc1
v5.5-rc2
v5.5-rc3
v5.5-rc4
v5.5-rc5
v5.5-rc6
v5.5-rc7
v5.6
v5.6-rc1
v5.6-rc2
v5.6-rc3
v5.6-rc4
v5.6-rc5
v5.6-rc6
v5.6-rc7
v5.7
v5.7-rc1
v5.7-rc2
v5.7-rc3
v5.7-rc4
v5.7-rc5
v5.7-rc6
v5.7-rc7
v5.8
v5.8-rc1
v5.8-rc2
v5.8-rc3
v5.8-rc4
v5.8-rc5
v5.8-rc6
v5.8-rc7
v5.9
v5.9-rc1
v5.9-rc2
v5.9-rc3
v5.9-rc4
v5.9-rc5
v5.9-rc6
v5.9-rc7
v5.9-rc8