Insecure Access Control

2022-03-2618:16:14

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.0004 Low

EPSS

Percentile

5.1%

JSON

linux is vulnerable to insecure access control. The vulnerability exists due to a flaw in kvm_s390_guest_sida_op in the arch/s390/kvm/kvm-s390.c function in KVM allowing an attacker to obtain unauthorized memory write access.

CPENameOperatorVersion
linux-gkeop:focaleq5.4.0.1010.13
linux-kvm:focaleq5.4.0.1009.9
linux-kvm:focaleq5.4.0.1024.22
linux-kvm:focaleq5.4.0.1026.24
linux-kvm:focaleq5.4.0.1020.19
linux-kvm:focaleq5.4.0.1023.21
linux-aws:focaleq5.4.0.1024.25
linux-aws:focaleq5.4.0.1021.22
linux-aws:focaleq5.4.0.1029.30
linux-aws:focaleq5.4.0.1025.26

Name	Operator	Version
linux-gkeop:focal	eq	5.4.0.1010.13
linux-kvm:focal	eq	5.4.0.1009.9
linux-kvm:focal	eq	5.4.0.1024.22
linux-kvm:focal	eq	5.4.0.1026.24
linux-kvm:focal	eq	5.4.0.1020.19
linux-kvm:focal	eq	5.4.0.1023.21
linux-aws:focal	eq	5.4.0.1024.25
linux-aws:focal	eq	5.4.0.1021.22
linux-aws:focal	eq	5.4.0.1029.30
linux-aws:focal	eq	5.4.0.1025.26