Rewterz Threat Alert –Phobos Ransomware – Active IOCs
August 16, 2021Rewterz Threat Advisory –CVE-2021-35936 – Apache Airflow Security Vulnerability
August 17, 2021Rewterz Threat Alert –Phobos Ransomware – Active IOCs
August 16, 2021Rewterz Threat Advisory –CVE-2021-35936 – Apache Airflow Security Vulnerability
August 17, 2021Severity
High
Analysis Summary
CVE-2021-3656 ; CVE-2021-3653
Linux Kernel is vulnerable to a denial of service, caused by improper input validation of the “virt_ext” VMCB field. By sending a specially crafted request, a locally authenticated attacker could exploit this vulnerability to cause the system to crash or obtain sensitive information from the physical memory.
Impact
- Denial of Services
Affected Vendors
- Linux
Affected Products
- Linux Kernel 4.13.0
- Linux Kernel 4.15
- Linux Kernel 4.14
- Linux Kernel 4.16
- Linux Kernel 4.17
- Linux Kernel 4.18
- Linux Kernel 4.19
- Linux Kernel 4.20
Remediation
Refer to this advisory for the patch, upgrade, or suggested workaround information.