CVE-2021-47112
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
15/03/2024
Last modified:
13/03/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
x86/kvm: Teardown PV features on boot CPU as well<br />
<br />
Various PV features (Async PF, PV EOI, steal time) work through memory<br />
shared with hypervisor and when we restore from hibernation we must<br />
properly teardown all these features to make sure hypervisor doesn&#39;t<br />
write to stale locations after we jump to the previously hibernated kernel<br />
(which can try to place anything there). For secondary CPUs the job is<br />
already done by kvm_cpu_down_prepare(), register syscore ops to do<br />
the same for boot CPU.
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.4.125 (excluding) | |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.5 (including) | 5.10.43 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.11 (including) | 5.12.10 (excluding) |
| cpe:2.3:o:linux:linux_kernel:5.13:rc1:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/38b858da1c58ad46519a257764e059e663b59ff2
- https://git.kernel.org/stable/c/7620a669111b52f224d006dea9e1e688e2d62c54
- https://git.kernel.org/stable/c/8b79feffeca28c5459458fe78676b081e87c93a4
- https://git.kernel.org/stable/c/d1629b5b925de9b27979e929dae7fcb766daf6b6
- https://git.kernel.org/stable/c/38b858da1c58ad46519a257764e059e663b59ff2
- https://git.kernel.org/stable/c/7620a669111b52f224d006dea9e1e688e2d62c54
- https://git.kernel.org/stable/c/8b79feffeca28c5459458fe78676b081e87c93a4
- https://git.kernel.org/stable/c/d1629b5b925de9b27979e929dae7fcb766daf6b6