QwikSec

Security Database

CVE

CWE

Training

CVE-2021-4032

Published: Jan 21, 2022

Modified: Aug 3, 2024

PUBLISHED

Description

A vulnerability was found in the Linux kernel's KVM subsystem in arch/x86/kvm/lapic.c kvm_free_lapic when a failure allocation was detected. In this flaw the KVM subsystem may crash the kernel due to mishandling of memory errors that happens during VCPU construction, which allows an attacker with special user privilege to cause a denial of service. This flaw affects kernel versions prior to 5.15 rc7.

Vendor	Product	Versions
n/a	kernel	affected `kernel 5.15 rc7`

Weaknesses (CWE)

References

https://bugzilla.redhat.com/show_bug.cgi?id=2027403

x_refsource_MISC

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f7d8a19f9a056a05c5c509fa65af472a322abfee

x_refsource_MISC

https://lkml.org/lkml/2021/9/8/587

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.