Rapid7 Vulnerability & Exploit Database

SUSE: CVE-2021-26342: SUSE Linux Security Advisory

Free InsightVM Trial No Credit Card Necessary

Watch Demo See how it all works

Back to Search

SUSE: CVE-2021-26342: SUSE Linux Security Advisory

Severity

CVSS

(AV:L/AC:L/Au:N/C:P/I:N/A:N)

Published

05/11/2022

Created

10/26/2022

Added

10/26/2022

Modified

10/26/2022

Description

In SEV guest VMs, the CPU may fail to flush the Translation Lookaside Buffer (TLB) following a particular sequence of operations that includes creation of a new virtual machine control block (VMCB). The failure to flush the TLB may cause the microcode to use stale TLB translations which may allow for disclosure of SEV guest memory contents. Users of SEV-ES/SEV-SNP guest VMs are not impacted by this vulnerability.

Solution(s)

suse-upgrade-kernel-firmware
suse-upgrade-kernel-firmware-all
suse-upgrade-kernel-firmware-amdgpu
suse-upgrade-kernel-firmware-ath10k
suse-upgrade-kernel-firmware-ath11k
suse-upgrade-kernel-firmware-atheros
suse-upgrade-kernel-firmware-bluetooth
suse-upgrade-kernel-firmware-bnx2
suse-upgrade-kernel-firmware-brcm
suse-upgrade-kernel-firmware-chelsio
suse-upgrade-kernel-firmware-dpaa2
suse-upgrade-kernel-firmware-i915
suse-upgrade-kernel-firmware-intel
suse-upgrade-kernel-firmware-iwlwifi
suse-upgrade-kernel-firmware-liquidio
suse-upgrade-kernel-firmware-marvell
suse-upgrade-kernel-firmware-media
suse-upgrade-kernel-firmware-mediatek
suse-upgrade-kernel-firmware-mellanox
suse-upgrade-kernel-firmware-mwifiex
suse-upgrade-kernel-firmware-network
suse-upgrade-kernel-firmware-nfp
suse-upgrade-kernel-firmware-nvidia
suse-upgrade-kernel-firmware-platform
suse-upgrade-kernel-firmware-prestera
suse-upgrade-kernel-firmware-qcom
suse-upgrade-kernel-firmware-qlogic
suse-upgrade-kernel-firmware-radeon
suse-upgrade-kernel-firmware-realtek
suse-upgrade-kernel-firmware-serial
suse-upgrade-kernel-firmware-sound
suse-upgrade-kernel-firmware-ti
suse-upgrade-kernel-firmware-ueagle
suse-upgrade-kernel-firmware-usb-network
suse-upgrade-ucode-amd

References

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

SUSE: CVE-2021-26342: SUSE Linux Security Advisory

SUSE: CVE-2021-26342: SUSE Linux Security Advisory

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.