Risk | Low |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2021-47277 |
CWE-ID | CWE-125 |
Exploitation vector | Local |
Public exploit | N/A |
Vulnerable software Subscribe |
Linux kernel Operating systems & Components / Operating system |
Vendor | Linux Foundation |
Security Bulletin
This security bulletin contains one low risk vulnerability.
EUVDB-ID: #VU90296
Risk: Low
CVSSv3.1: 3.2 [AV:L/AC:L/PR:L/UI:U/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-47277
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the include/linux/kvm_host.h. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsLinux kernel: All versions
External linkshttp://git.kernel.org/stable/c/3098b86390a6b9ea52657689f08410baf130ceff
http://git.kernel.org/stable/c/740621309b25bbf619b8a0ba5fd50a8e58989441
http://git.kernel.org/stable/c/361ce3b917aff93123e9e966d8608655c967f438
http://git.kernel.org/stable/c/22b87fb17a28d37331bb9c1110737627b17f6781
http://git.kernel.org/stable/c/bff1fbf0cf0712686f1df59a83fba6e31d2746a0
http://git.kernel.org/stable/c/7af299b97734c7e7f465b42a2139ce4d77246975
http://git.kernel.org/stable/c/ed0e2a893092c7fcb4ff7ba74e5efce53a6f5940
http://git.kernel.org/stable/c/da27a83fd6cc7780fea190e1f5c19e87019da65c
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.