summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSalvatore Bonaccorso <carnil@debian.org>2021-08-16 14:48:24 +0200
committerSalvatore Bonaccorso <carnil@debian.org>2021-08-16 14:48:24 +0200
commitf8eee1adb710b3e0f34c1de31ea191262147a692 (patch)
treeb52b65f840901bdb1fdd0a77afadb3ef2a319f6d
parent0bef0f2b5f3d8374dfaf8ecde8d9d2f2ad4167be (diff)
Add CVE-2021-3653 and CVE-2021-3656
Diffstat
-rw-r--r--active/CVE-2021-365312
-rw-r--r--active/CVE-2021-365614
2 files changed, 26 insertions, 0 deletions
diff --git a/active/CVE-2021-3653 b/active/CVE-2021-3653
new file mode 100644
index 000000000..55f94ee59
--- /dev/null
+++ b/active/CVE-2021-3653
@@ -0,0 +1,12 @@
+Description: KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl
+References:
+Notes:
+Bugs:
+upstream: needed
+5.10-upstream-stable: needed
+4.19-upstream-stable: needed
+4.9-upstream-stable: needed
+sid: needed
+5.10-bullseye-security: needed
+4.19-buster-security: needed
+4.9-stretch-security: needed
diff --git a/active/CVE-2021-3656 b/active/CVE-2021-3656
new file mode 100644
index 000000000..117b2fcc1
--- /dev/null
+++ b/active/CVE-2021-3656
@@ -0,0 +1,14 @@
+Description: KVM: nSVM: always intercept VMLOAD/VMSAVE when nested
+References:
+Notes:
+ carnil> Issue introduced in 4.13-rc1 with 89c8a4984fc9 ("KVM: SVM:
+ carnil> Enable Virtual VMLOAD VMSAVE feature").
+Bugs:
+upstream: needed
+5.10-upstream-stable: needed
+4.19-upstream-stable: needed
+4.9-upstream-stable: N/A "Vulnerable code not present"
+sid: needed
+5.10-bullseye-security: needed
+4.19-buster-security: needed
+4.9-stretch-security: N/A "Vulnerable code not present"

© 2014-2024 Faster IT GmbH | imprint | privacy policy