kernel-3.10.0-1160.45.1.el7
エラータID: AXSA:2021-2485:23
リリース日:
2021/10/18 Monday - 07:43
題名:
kernel-3.10.0-1160.45.1.el7
影響のあるチャネル:
Asianux Server 7 for x86_64
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- KVM には、VM_IO|VM_PFNMAP vmas の不適切な処理により読み込み専用チェッ
クをバイパスし、VMM とゲストがアクセス可能な状態でページが解放される問
題があるため、VM を起動および制御可能なユーザーにより、メモリのランダ
ムなページを読み書きを介して、特権昇格が可能となる脆弱性が存在します。
(CVE-2021-22543)
- KVM の SVM ネスト仮想化をサポートするための AMD 向けのコードには、
int_ctl フィールドの検証に問題があるため、悪意のある L1 ゲスト OS 上の
ユーザーにより、巧妙に細工された VMCB (仮想マシン制御ブロック) の処理
を介して、L2 ゲストによる物理ホスト上のメモリのアクセス、サービス拒否
(システムクラッシュ) 状態など様々な影響を及ぼすことが可能となる脆弱性
が存在します。(CVE-2021-3653)
- KVM の SVM ネスト仮想化をサポートするための AMD 向けのコードには、
int_ctl フィールドの検証に問題があるため、悪意のある L1 ゲスト OS 上の
ユーザーにより、巧妙に細工された VMCB (仮想マシン制御ブロック) の処理
を介して、L2 ゲストによる物理ホスト上のメモリのアクセス、サービス拒否
(システムクラッシュ) 状態など様々な影響を及ぼすことが可能となる脆弱性
が存在します。(CVE-2021-3656)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2021-22543
An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation.
An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation.
CVE-2021-3653
A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "int_ctl" field, this issue could allow a malicious L1 to enable AVIC support (Advanced Virtual Interrupt Controller) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape. This flaw affects Linux kernel versions prior to 5.14-rc7.
A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "int_ctl" field, this issue could allow a malicious L1 to enable AVIC support (Advanced Virtual Interrupt Controller) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape. This flaw affects Linux kernel versions prior to 5.14-rc7.
CVE-2021-3656
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
CVE-2021-37576
arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e.
arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e.
追加情報:
N/A
ダウンロード:
SRPMS
- kernel-3.10.0-1160.45.1.el7.src.rpm
MD5: 0fdbd8a127bb66abcc01ef3f1c7f7d08
SHA-256: 36d470751191d5708949e89c7b9d10abf6ef1a4ca930fd96dd539bd2c06e7edf
Size: 98.72 MB
Asianux Server 7 for x86_64
- bpftool-3.10.0-1160.45.1.el7.x86_64.rpm
MD5: 827eaee0b42031b5c5913a3cafb7959b
SHA-256: d2a7447a342daf43ada8841bec8bd555129667feffa5edf7785ed6e72ebebf76
Size: 8.48 MB - kernel-3.10.0-1160.45.1.el7.x86_64.rpm
MD5: b8d8a8bcd39f9e050870018e6c92f667
SHA-256: e69731b04c1ec280741750fbba05b50349def18c4bfe19b0acf193c426624953
Size: 50.33 MB - kernel-debug-3.10.0-1160.45.1.el7.x86_64.rpm
MD5: 6967cf6262aeee8c1fe06ac8f53a4feb
SHA-256: d579af54cdf803d45a0b34098ccb98a1a412c6380165eb32f928d92bd119ab15
Size: 52.62 MB - kernel-debug-devel-3.10.0-1160.45.1.el7.x86_64.rpm
MD5: 1df2fc2f5d7e78f334725e2130d49264
SHA-256: 94de01d859d73d0f827bb1766e54691343deb58781f2f135d9c95f43548d1b12
Size: 18.04 MB - kernel-devel-3.10.0-1160.45.1.el7.x86_64.rpm
MD5: 0e3f04a655c7c42e196cb653449b0f4a
SHA-256: d1d74a08ce002336bed79ef850c8a640edac0518ca30e29f093d1c89cb37f540
Size: 17.97 MB - kernel-doc-3.10.0-1160.45.1.el7.noarch.rpm
MD5: b6cf0b526ec54024a23166c24276d8dc
SHA-256: 5b0cb2d351e0b5abe5fa2a33f6c6508ce372521d39bc61346f8eb992c899db7e
Size: 19.51 MB - kernel-headers-3.10.0-1160.45.1.el7.x86_64.rpm
MD5: 690c1983297b646cd86e23ba9f8ffb89
SHA-256: 7d4af70148cf11d7e3c9fe31459da89ae721e1461564ed05ecc7297d165a5705
Size: 9.04 MB - kernel-tools-3.10.0-1160.45.1.el7.x86_64.rpm
MD5: 67bc2ad731668b3c740a69e402f3b380
SHA-256: ee45335c8ee71ee8e66cdf2779780ec68d88a7f847bf23132f43506057b38cbe
Size: 8.15 MB - kernel-tools-libs-3.10.0-1160.45.1.el7.x86_64.rpm
MD5: 6cc1901aa3a2a98c03da8f1d86987e4b
SHA-256: 0d865e68c84fce7faa451e54b1258fcb41a8383ca60db5e270d5c558062da788
Size: 8.05 MB - perf-3.10.0-1160.45.1.el7.x86_64.rpm
MD5: 4a3a4b2c923e5ca7bb034d9b1fc57fdc
SHA-256: e63f1f07e0b9c27031a9838728b927f69f4dd972fb5f5a0d89fa9d49810edd12
Size: 9.69 MB - python-perf-3.10.0-1160.45.1.el7.x86_64.rpm
MD5: 202634da5a1a4f06110b65a414704b16
SHA-256: 35761835eea8a03a9b195d97a0154e8b5309a1c67f324a49e25f34147b2ea5f4
Size: 8.14 MB