CVE-2021-3543
N/A
N/A
Summary
A flaw null pointer dereference in the Nitro Enclaves kernel driver was found in the way that Enclaves VMs forces closures on the enclave file descriptor. A local user of a host machine could use this flaw to crash the system or escalate their privileges on the system.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | kernel | kernel 4.18.0 | affected |
Weaknesses
- CWE-416: (CWE-416|CWE-476)
ADP Enrichment
CVE Program Container
Additional References
- https://bugzilla.redhat.com/show_bug.cgi?id=1953022
- https://lore.kernel.org/lkml/20210429165941.27020-2-andraprs%40amazon.com/
References
- https://bugzilla.redhat.com/show_bug.cgi?id=1953022
- https://lore.kernel.org/lkml/20210429165941.27020-2-andraprs%40amazon.com/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.