[Git][security-tracker-team/security-tracker][master] kvmtool hypervisor escape and host code execution
Paul Wise (@pabs)
pabs at debian.org
Sat Feb 19 06:17:34 GMT 2022
Paul Wise pushed to branch master at Debian Security Tracker / security-tracker
Commits:
def2c675 by Paul Wise at 2022-02-19T14:15:25+08:00
kvmtool hypervisor escape and host code execution
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -11846,8 +11846,10 @@ CVE-2021-4159 [bpf: Verifer, adjust_scalar_min_max_vals to always call update_re
RESERVED
- linux 5.7.6-1
NOTE: Fixed by: https://git.kernel.org/linus/294f2fc6da27620a506e6c050241655459ccd6bd (5.7-rc1)
-CVE-2021-45464
+CVE-2021-45464 [hypervisor escape and host code execution]
RESERVED
+ - kvmtool <unfixed>
+ NOTE: https://www.kalmarunionen.dk/writeups/2021/hxp-2021/lkvm/
CVE-2021-45463 (load_cache in GEGL before 0.4.34 allows shell expansion when a pathnam ...)
- gegl 1:0.4.34-1 (bug #1002661)
[bullseye] - gegl <no-dsa> (Minor issue)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/def2c67556de3d9df5d525676700e3ae5db59846
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/def2c67556de3d9df5d525676700e3ae5db59846
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220219/a4593559/attachment.htm>
More information about the debian-security-tracker-commits
mailing list