CVE-2021-46967
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
27/02/2024
Last modified:
06/12/2024
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
vhost-vdpa: fix vm_flags for virtqueue doorbell mapping<br />
<br />
The virtqueue doorbell is usually implemented via registeres but we<br />
don&#39;t provide the necessary vma->flags like VM_PFNMAP. This may cause<br />
several issues e.g when userspace tries to map the doorbell via vhost<br />
IOTLB, kernel may panic due to the page is not backed by page<br />
structure. This patch fixes this by setting the necessary<br />
vm_flags. With this patch, try to map doorbell via IOTLB will fail<br />
with bad address.
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.8 (including) | 5.10.36 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.11 (including) | 5.11.20 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.12 (including) | 5.12.3 (excluding) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/3a3e0fad16d40a2aa68ddf7eea4acdf48b22dd44
- https://git.kernel.org/stable/c/3b8b6399666a29daa30b0bb3f5c9e3fc81c5a6a6
- https://git.kernel.org/stable/c/93dbbf20e3ffad14f04227a0b7105f6e6f0387ce
- https://git.kernel.org/stable/c/940230a5c31e2714722aee04c521a21f484b4df7
- https://git.kernel.org/stable/c/3a3e0fad16d40a2aa68ddf7eea4acdf48b22dd44
- https://git.kernel.org/stable/c/3b8b6399666a29daa30b0bb3f5c9e3fc81c5a6a6
- https://git.kernel.org/stable/c/93dbbf20e3ffad14f04227a0b7105f6e6f0387ce
- https://git.kernel.org/stable/c/940230a5c31e2714722aee04c521a21f484b4df7