CVE-2021-46977
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
28/02/2024
Last modified:
08/01/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
KVM: VMX: Disable preemption when probing user return MSRs<br />
<br />
Disable preemption when probing a user return MSR via RDSMR/WRMSR. If<br />
the MSR holds a different value per logical CPU, the WRMSR could corrupt<br />
the host&#39;s value if KVM is preempted between the RDMSR and WRMSR, and<br />
then rescheduled on a different CPU.<br />
<br />
Opportunistically land the helper in common x86, SVM will use the helper<br />
in a future commit.
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.5 (including) | 5.10.38 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.11 (including) | 5.11.22 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.12 (including) | 5.12.5 (excluding) |
| cpe:2.3:o:linux:linux_kernel:5.13:rc1:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/31f29749ee970c251b3a7e5b914108425940d089
- https://git.kernel.org/stable/c/5104d7ffcf24749939bea7fdb5378d186473f890
- https://git.kernel.org/stable/c/5adcdeb57007ccf8ab7ac20bf787ffb6fafb1a94
- https://git.kernel.org/stable/c/e3ea1895df719c4ef87862501bb10d95f4177bed
- https://git.kernel.org/stable/c/31f29749ee970c251b3a7e5b914108425940d089
- https://git.kernel.org/stable/c/5104d7ffcf24749939bea7fdb5378d186473f890
- https://git.kernel.org/stable/c/5adcdeb57007ccf8ab7ac20bf787ffb6fafb1a94
- https://git.kernel.org/stable/c/e3ea1895df719c4ef87862501bb10d95f4177bed