From ff984450c41ed8ee4d02bb901782c2f16d33cb19 Mon Sep 17 00:00:00 2001
From: Paul Wise <pabs@debian.org>
Date: Sat, 19 Feb 2022 14:15:25 +0800
Subject: kvmtool hypervisor escape and host code execution

---
 data/CVE/2021.list | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'data/CVE/2021.list')

diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index 1bde18ce41..aff89e418b 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -3095,8 +3095,10 @@ CVE-2021-4159 [bpf: Verifer, adjust_scalar_min_max_vals to always call update_re
 	RESERVED
 	- linux 5.7.6-1
 	NOTE: Fixed by: https://git.kernel.org/linus/294f2fc6da27620a506e6c050241655459ccd6bd (5.7-rc1)
-CVE-2021-45464
+CVE-2021-45464 [hypervisor escape and host code execution]
 	RESERVED
+	- kvmtool <unfixed>
+	NOTE: https://www.kalmarunionen.dk/writeups/2021/hxp-2021/lkvm/
 CVE-2021-45463 (load_cache in GEGL before 0.4.34 allows shell expansion when a pathnam ...)
 	- gegl 1:0.4.34-1 (bug #1002661)
 	[bullseye] - gegl <no-dsa> (Minor issue)
-- 
cgit v1.2.3