CVE-2021-45464

NameCVE-2021-45464
Descriptionkvmtool through 39181fc allows an out-of-bounds write, related to virtio/balloon.c and virtio/pci.c. This allows a guest OS user to execute arbitrary code on the host machine.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs1006290

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
kvmtoolsource(unstable)(unfixed)1006290

Notes

https://www.kalmarunionen.dk/writeups/2021/hxp-2021/lkvm/

Search for package or bug name: Reporting problems