CVE-2021-4155 XFS data leak flaw allowed for size increase of files with unaligned size.

The problem was discovered by Mauricio Herrera of Red Hat. An attacker needed to execute a specially crafted application to exploit this flaw.

There were no reports of attacks exploiting this flaw. However, the XFS project released a new version with this flaw fixed.

Another vulnerability was found in the way the KVM virtualization implementation in the Linux kernel handled memory address validation. An attacker could use this flaw to access data previously only available to the kernel.
Red Hat Enterprise Linux 7 and Red Hat Enterprise Linux 6 were not vulnerable to this issue. Linux distributions that were updated to fix this issue are Red Hat Enterprise Linux 7 and Red Hat Enterprise Linux 6.
Red Hat Enterprise Linux 7 and Red Hat Enterprise Linux 6 are not vulnerable to another flaw found in the way the KVM virtualization implementation in the Linux kernel handled user-mode guest-mode mapping. A local attacker could use this flaw to host malicious guest machines.

What is Red Hat Enterprise Linux?

Red Hat Enterprise Linux is a popular open source platform that provides stability, flexibility, and scalability.

Red Hat Enterprise Linux 7, 2.6 and 2.4 are not vulnerable to this issue.

The vulnerability was discovered by David Howells of Red Hat. An attacker needed to execute a specially crafted application to exploit this flaw.

The Linux kernel was not vulnerable to this issue.
Red Hat Enterprise Linux 7, 2.6 and 2.4 are not vulnerable to another flaw found in the way the KVM virtualization implementation in the Linux kernel handled user-mode guest-mode mapping. A local attacker could use this flaw to host malicious guest machines.

Overview of Red Hat Enterprise Linux 7 and Red Hat Enterprise Linux 6

Red Hat Enterprise Linux 7 and Red Hat Enterprise Linux 6 are the latest versions of this popular enterprise operating system. These operating systems have the latest security updates and patches, which makes them a safe choice for businesses.
