kvmtool hypervisor escape and host code execution

author: Paul Wise <pabs@debian.org> 2022-02-19 14:15:25 +0800
committer: Paul Wise <pabs@debian.org> 2022-02-19 14:15:25 +0800
commit: ff984450c41ed8ee4d02bb901782c2f16d33cb19 (patch)
tree: 486d7b510ae4b7a789bd089be222656163364dd7 /data/CVE/2021.list
parent: 497b0cbe107eabbe283d3f4b2142962184578fd7 (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index 1bde18ce41..aff89e418b 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -3095,8 +3095,10 @@ CVE-2021-4159 [bpf: Verifer, adjust_scalar_min_max_vals to always call update_re
 	RESERVED
 	- linux 5.7.6-1
 	NOTE: Fixed by: https://git.kernel.org/linus/294f2fc6da27620a506e6c050241655459ccd6bd (5.7-rc1)
-CVE-2021-45464
+CVE-2021-45464 [hypervisor escape and host code execution]
 	RESERVED
+	- kvmtool <unfixed>
+	NOTE: https://www.kalmarunionen.dk/writeups/2021/hxp-2021/lkvm/
 CVE-2021-45463 (load_cache in GEGL before 0.4.34 allows shell expansion when a pathnam ...)
 	- gegl 1:0.4.34-1 (bug #1002661)
 	[bullseye] - gegl <no-dsa> (Minor issue)
author	Paul Wise <pabs@debian.org>	2022-02-19 14:15:25 +0800
committer	Paul Wise <pabs@debian.org>	2022-02-19 14:15:25 +0800
commit	ff984450c41ed8ee4d02bb901782c2f16d33cb19 (patch)
tree	486d7b510ae4b7a789bd089be222656163364dd7 /data/CVE/2021.list
parent	497b0cbe107eabbe283d3f4b2142962184578fd7 (diff)