CVE-2021-47008

Severity CVSS v4.0: Pending analysis
Type: CWE-476 NULL Pointer Dereference
Publication date: 28/02/2024
Last modified: 09/12/2024

Description

In the Linux kernel, the following vulnerability has been resolved:

KVM: SVM: Make sure GHCB is mapped before updating

Access to the GHCB is mainly in the VMGEXIT path and it is known that the GHCB will be mapped. But there are two paths where it is possible the GHCB might not be mapped.

The sev_vcpu_deliver_sipi_vector() routine will update the GHCB to inform the caller of the AP Reset Hold NAE event that a SIPI has been delivered. However, if a SIPI is performed without a corresponding AP Reset Hold, then the GHCB might not be mapped (depending on the previous VMEXIT), which will result in a NULL pointer dereference.

The svm_complete_emulated_msr() routine will update the GHCB to inform the caller of a RDMSR/WRMSR operation about any errors. While it is likely that the GHCB will be mapped in this situation, add a safe guard in this path to be certain a NULL pointer dereference is not encountered.
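A user-space C model of the condition described above, added here as an illustration and not taken from the kernel or its patch: the GHCB pointer is set only by a VMGEXIT, and both update paths check it before writing. All struct, field and function names (`vcpu_model`, `ghcb_model`, `model_exit`, `model_deliver_sipi`, `model_complete_msr`) are hypothetical.

```c
#include <stdbool.h>
#include <stdio.h>

/* User-space model of the GHCB lifetime; every name here is hypothetical. */
enum exit_kind { EXIT_VMGEXIT, EXIT_OTHER };
struct ghcb_model { int sipi_delivered; int msr_error; };

struct vcpu_model {
    struct ghcb_model *ghcb;    /* NULL unless the last exit was a VMGEXIT */
    struct ghcb_model backing;  /* stands in for the guest's GHCB page */
};

/* Only the VMGEXIT path maps the GHCB; other exits leave it unmapped. */
static void model_exit(struct vcpu_model *v, enum exit_kind kind)
{
    v->backing = (struct ghcb_model){0};
    v->ghcb = (kind == EXIT_VMGEXIT) ? &v->backing : NULL;
}

/* SIPI delivery: update the GHCB only when there is a mapped one to write. */
static bool model_deliver_sipi(struct vcpu_model *v)
{
    if (!v->ghcb)               /* SIPI without AP Reset Hold: skip the write */
        return false;
    v->ghcb->sipi_delivered = 1;
    return true;
}

/* MSR completion: report an error through the GHCB only when it is mapped. */
static bool model_complete_msr(struct vcpu_model *v, int err)
{
    if (!err)
        return true;            /* nothing to report */
    if (!v->ghcb)               /* guard for the unlikely unmapped case */
        return false;
    v->ghcb->msr_error = err;
    return true;
}

int main(void)
{
    struct vcpu_model v;
    model_exit(&v, EXIT_OTHER);
    printf("SIPI after non-VMGEXIT exit: %s\n",
           model_deliver_sipi(&v) ? "GHCB updated" : "skipped, GHCB unmapped");
    model_exit(&v, EXIT_VMGEXIT);
    printf("SIPI after VMGEXIT: %s\n",
           model_deliver_sipi(&v) ? "GHCB updated" : "skipped, GHCB unmapped");
    return 0;
}
```

Without the two `if (!v->ghcb)` checks, the first call in `main` would write through a NULL pointer, which is the CWE-476 condition this record describes.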

Vulnerable products and versions

CPE                                              From               Up to
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*     5.11 (including)   5.11.22 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*     5.12 (including)   5.12.5 (excluding)