CVE-2021-22543
HIGHLinux Kernel - Use-After-Free via KVM VM_IO|VM_PFNMAP Handling
Title source: llmDescription
An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation.
References (7)
Core 7
Core References
Exploit, Third Party Advisory x_refsource_misc
https://github.com/google/security-research/security/advisories/GHSA-7wq5-phmq-m584
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2021/06/26/1
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4G5YBUVEPHZYXMKNGBZ3S6INFCTEEL4E/
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ROQIXQB7ZAWI3KSGSHR6H5RDUWZI775S/
Third Party Advisory x_refsource_confirm
https://security.netapp.com/advisory/ntap-20210708-0002/
Mailing List, Third Party Advisory mailing-list
x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html
Mailing List, Third Party Advisory mailing-list
x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html
Scores
CVSS v3
7.8
EPSS
0.0001
EPSS Percentile
3.0%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-119
Status
published
Products (14)
debian/debian_linux
9.0
fedoraproject/fedora
33
fedoraproject/fedora
34
linux/linux_kernel
2021-05-18
netapp/cloud_backup
netapp/h300e_firmware
netapp/h300s_firmware
netapp/h410c_firmware
netapp/h410s_firmware
netapp/h500e_firmware
... and 4 more
Published
May 26, 2021
Tracked Since
Feb 18, 2026