CVE-2021-4095

EPSS 0.4% · CWE-476
Vexday Risk Score
3 (Low)
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS · EPSS 0.4% · KEV: no · PoC · Nuclei · Metasploit · Patch referenced
Lifecycle
08 Mar 2022: Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A NULL pointer dereference was found in the Linux kernel's KVM when dirty ring logging is enabled without an active vCPU context. An unprivileged local attacker on the host may use this flaw to cause a kernel oops condition and thus a denial of service by issuing a KVM_XEN_HVM_SET_ATTR ioctl. This flaw affects Linux kernel versions prior to 5.17-rc1.
Affected products
n/a · kernel