Rewterz Threat Advisory – CVE-2021-20461 – IBM Cognos Analytics Vulnerability
July 1, 2021Rewterz Threat Alert – LockBit Ransomware targeting Network – Active IOCs
July 1, 2021Rewterz Threat Advisory – CVE-2021-20461 – IBM Cognos Analytics Vulnerability
July 1, 2021Rewterz Threat Alert – LockBit Ransomware targeting Network – Active IOCs
July 1, 2021Severity
Medium
Analysis Summary
CVE-2021-29657
Linux Kernel could allow a locally authenticated attacker to bypass security restrictions, caused by a time-of-check time-of-use (TOCTOU) race condition in the n nested_svm_vmrun function in KVM. By sending a specially crafted request, an attacker could exploit this vulnerability to gain unrestricted access to host MSRs.
Impact
- Bypass security
- Unauthorized Access
Affected Vendors
Linux
Affected Products
- Linux Kernel 5.10
- Linux Kernel 5.11
- Linux Kernel 5.11.11
Remediation
Refer to Linux Kernel GIT Repository for the patch, upgrade, or suggested workaround information.