What the vulnerability does

01Description

A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked down (usually due to Secure Boot) guest system running on top of PowerVM or KVM hypervisors (pseries platform) a root like local user could use this flaw to further increase their privileges to that of a running kernel.

Key dates

02Disclosure timeline

December 15, 2020 CVE published
August 4, 2024 Record updated

Related vulnerabilities

04Related CVE