Out-of-Range Access Vulnerability in Linux Kernel's KVM Subsystem (CID-0774a964ef56)

Out-of-Range Access Vulnerability in Linux Kernel's KVM Subsystem (CID-0774a964ef56)

CVE-2020-36313 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

An issue was discovered in the Linux kernel before 5.7. The KVM subsystem allows out-of-range access to memslots after a deletion, aka CID-0774a964ef56. This affects arch/s390/kvm/kvm-s390.c, include/linux/kvm_host.h, and virt/kvm/kvm_main.c.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.