Lucene search
416baaa9-dc9f-4396-8d5f-8c081fb06d67CVE-2021-47110HistoryMar 15, 2024 - 9:15 p.m.
CVE-2021-47110
2024-03-1521:15:06
416baaa9-dc9f-4396-8d5f-8c081fb06d67
web.nvd.nist.gov
30
cve-2021-47110
linux kernel
vulnerability
x86
kvm
kvmclock
memory corruption
hibernate
nvd
In the Linux kernel, the following vulnerability has been resolved:
x86/kvm: Disable kvmclock on all CPUs on shutdown
Currenly, we disable kvmclock from machine_shutdown() hook and this
only happens for boot CPU. We need to disable it for all CPUs to
guard against memory corruption e.g. on restore from hibernate.
Note, writing ‘0’ to kvmclock MSR doesn’t clear memory location, it
just prevents hypervisor from updating the location so for the short
while after write and while CPU is still alive, the clock remains usable
and correct so we don’t need to switch to some other clocksource.
Affected configurations
Node
linuxlinux_kernelRange5.4.0–5.4.125
ORlinuxlinux_kernelRange5.5.0–5.10.43
ORlinuxlinux_kernelRange5.11.0–5.12.10
ORlinuxlinux_kernelRange5.13.0≥
| Vendor | Product | Version | CPE |
|---|---|---|---|
| linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "unaffected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"arch/x86/include/asm/kvm_para.h",
"arch/x86/kernel/kvm.c",
"arch/x86/kernel/kvmclock.c"
],
"versions": [
{
"version": "1da177e4c3f4",
"lessThan": "9084fe1b3572",
"status": "affected",
"versionType": "git"
},
{
"version": "1da177e4c3f4",
"lessThan": "3b0becf8b1ec",
"status": "affected",
"versionType": "git"
},
{
"version": "1da177e4c3f4",
"lessThan": "1df2dc09926f",
"status": "affected",
"versionType": "git"
},
{
"version": "1da177e4c3f4",
"lessThan": "c02027b5742b",
"status": "affected",
"versionType": "git"
}
]
},
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "affected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"arch/x86/include/asm/kvm_para.h",
"arch/x86/kernel/kvm.c",
"arch/x86/kernel/kvmclock.c"
],
"versions": [
{
"version": "5.4.125",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.43",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.12.10",
"lessThanOrEqual": "5.12.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.13",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
]
}
]Related
cvelist
cvelist
CVE-2021-47110 x86/kvm: Disable kvmclock on all CPUs on shutdown
2024-03-15 20:14:19
vulnrichment
vulnrichment
CVE-2021-47110 x86/kvm: Disable kvmclock on all CPUs on shutdown
2024-03-15 20:14:19
debiancve
debiancve
CVE-2021-47110
2024-03-15 21:15:06
redhatcve
redhatcve
CVE-2021-47110
2024-03-16 19:07:23
nvd
nvd
CVE-2021-47110
2024-03-15 21:15:06
ubuntucve
ubuntucve
CVE-2021-47110
2024-03-15 00:00:00
amazon
amazon
Important: kernel
2024-06-19 18:46:00
Important: kernel
2024-06-19 19:15:00
nessus
nessus
Amazon Linux AMI : kernel (ALAS-2024-1942)
2024-06-24 00:00:00
Amazon Linux 2 : kernel (ALAS-2024-2581)
2024-06-24 00:00:00
Amazon Linux 2 : kernel (ALASKERNEL-5.4-2022-004)
2022-05-02 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-1592)
2024-05-10 00:00:00
SUSE: Security Advisory (SUSE-SU-2024:1643-1)
2024-05-15 00:00:00