Back to bug 2028584
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Guilherme de Almeida Suckevicz | 2021-12-02 17:07:54 UTC | Depends On | 2028585 | |
| Mauro Matteo Cascella | 2021-12-03 11:48:44 UTC | Fixed In Version | kernel 5.15 | |
| Mauro Matteo Cascella | 2021-12-10 10:29:30 UTC | Doc Text | A flaw was found in the KVM's AMD code for supporting Secure Encrypted Virtualization-Encrypted State (SEV-ES). A KVM guest using SEV-ES can trigger out-of-bounds reads and writes in the host kernel via a malicious VMGEXIT for a string I/O instruction (e.g. outs or ins) using the exit reason SVM_EXIT_IOIO. This could result in a crash of the entire system or potential guest-to-host escape scenario. | |
| Mauro Matteo Cascella | 2021-12-10 13:34:19 UTC | Depends On | 2031090, 2031089, 2031091 | |
| Marian Rehak | 2021-12-10 14:27:17 UTC | Alias | CVE-2021-4093 | |
| Summary | kernel: KVM: SVM: out-of-bounds read/write in sev_es_string_io | CVE-2021-4093 kernel: KVM: SVM: out-of-bounds read/write in sev_es_string_io | ||
| Marian Rehak | 2021-12-10 14:28:02 UTC | Blocks | 2031109 | |
| Mauro Matteo Cascella | 2021-12-10 15:34:05 UTC | Comment | 3 | updated |
| Mauro Matteo Cascella | 2021-12-14 11:50:26 UTC | Depends On | 2009340 | |
| Mauro Matteo Cascella | 2021-12-14 11:50:59 UTC | Depends On | 2009338 | |
| RaTasha Tillery-Smith | 2021-12-17 14:59:17 UTC | Doc Text | A flaw was found in the KVM's AMD code for supporting Secure Encrypted Virtualization-Encrypted State (SEV-ES). A KVM guest using SEV-ES can trigger out-of-bounds reads and writes in the host kernel via a malicious VMGEXIT for a string I/O instruction (e.g. outs or ins) using the exit reason SVM_EXIT_IOIO. This could result in a crash of the entire system or potential guest-to-host escape scenario. | A flaw was found in the KVM's AMD code for supporting the Secure Encrypted Virtualization-Encrypted State (SEV-ES). A KVM guest using SEV-ES can trigger out-of-bounds reads and writes in the host kernel via a malicious VMGEXIT for a string I/O instruction (for example, outs or ins) using the exit reason SVM_EXIT_IOIO. This issue results in a crash of the entire system or a potential guest-to-host escape scenario. |
| Mauro Matteo Cascella | 2022-05-13 08:40:26 UTC | Comment 6 is private | 1 | 0 |
| CC | mcascell | |||
| Red Hat Bugzilla | 2022-06-04 08:04:43 UTC | CC | fpacheco | |
| Red Hat Bugzilla | 2022-07-16 03:20:35 UTC | CC | brdeoliv | |
| Red Hat Bugzilla | 2022-12-31 23:36:14 UTC | CC | fhrbata | |
| Mauro Matteo Cascella | 2023-03-29 12:20:06 UTC | Depends On | 2006441 | |
| Red Hat Bugzilla | 2023-04-01 08:41:55 UTC | CC | dhoward | |
| Red Hat Bugzilla | 2023-07-07 08:33:05 UTC | Assignee | security-response-team | nobody |
Back to bug 2028584