VYPR
High severity8.6NVD Advisory· Published Nov 24, 2021· Updated Jun 17, 2026

CVE-2021-28706

CVE-2021-28706

Description

guests may exceed their designated memory limit When a guest is permitted to have close to 16TiB of memory, it may be able to issue hypercalls to increase its memory allocation beyond the administrator established limit. This is a result of a calculation done with 32-bit precision, which may overflow. It would then only be the overflowed (and hence small) number which gets compared against the established upper bound.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

34

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.