QwikSec

Security Database

CVE

CWE

Training

CVE-2021-3543

Published: Jun 1, 2021

Modified: Aug 3, 2024

PUBLISHED

Description

A flaw null pointer dereference in the Nitro Enclaves kernel driver was found in the way that Enclaves VMs forces closures on the enclave file descriptor. A local user of a host machine could use this flaw to crash the system or escalate their privileges on the system.

Vendor	Product	Versions
n/a	kernel	affected `kernel 4.18.0`

Weaknesses (CWE)

References

https://bugzilla.redhat.com/show_bug.cgi?id=1953022

x_refsource_MISC

https://lore.kernel.org/lkml/20210429165941.27020-2-andraprs%40amazon.com/

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.