CVE-2021-4095 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Low
Remote	No
Type	Denial of service
Description	A security issue has been found in the Linux kernel. There is a NULL pointer dereference in kvm_dirty_ring_get() in virt/kvm/dirty_ring.c via a KVM KVM_XEN_HVM_SET_ATTR ioctl when there is no vCPU created.

Group	Package	Affected	Fixed	Severity	Status
AVG-1881	linux-hardened	5.15.7.hardened1-1		Medium	Vulnerable
AVG-1880	linux-zen	5.15.8.zen1-1		Medium	Vulnerable
AVG-1879	linux	5.15.8.arch1-1		Medium	Vulnerable
AVG-1741	linux-lts	5.10.85-1	5.15.2-1	Medium	Fixed

References
https://www.openwall.com/lists/oss-security/2021/12/14/2 https://bugzilla.redhat.com/show_bug.cgi?id=2031194 https://lore.kernel.org/kvm/CAFcO6XOmoS7EacN_n6v4Txk7xL7iqRa2gABg3F7E3Naf5uG94g@mail.gmail.com/T/ https://patchwork.kernel.org/project/kvm/patch/20211121125451.9489-12-dwmw2@infradead.org/

References

https://www.openwall.com/lists/oss-security/2021/12/14/2
https://bugzilla.redhat.com/show_bug.cgi?id=2031194
https://lore.kernel.org/kvm/CAFcO6XOmoS7EacN_n6v4Txk7xL7iqRa2gABg3F7E3Naf5uG94g@mail.gmail.com/T/
https://patchwork.kernel.org/project/kvm/patch/20211121125451.9489-12-dwmw2@infradead.org/