CVE-2021-46977

UNKNOWN

Published 2024-02-28T08:13:08.489Z

Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2021-46977. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

In the Linux kernel, the following vulnerability has been resolved:

KVM: VMX: Disable preemption when probing user return MSRs

Disable preemption when probing a user return MSR via RDSMR/WRMSR. If
the MSR holds a different value per logical CPU, the WRMSR could corrupt
the host's value if KVM is preempted between the RDMSR and WRMSR, and
then rescheduled on a different CPU.

Opportunistically land the helper in common x86, SVM will use the helper
in a future commit.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Linux

Affected Versions:

4be5341026246870818e28b53202b001426a5aec 4be5341026246870818e28b53202b001426a5aec 4be5341026246870818e28b53202b001426a5aec 4be5341026246870818e28b53202b001426a5aec

Linux

Affected Versions:

5.5 0 5.10.38 5.11.22 5.12.5 5.13

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed MODERATE

GHSA-m99h-2hm4-q649

Advisory Details

In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Disable preemption when probing user return MSRs Disable preemption when probing a user return MSR via RDSMR/WRMSR. If the MSR holds a different value per logical CPU, the WRMSR could corrupt the host's value if KVM is preempted between the RDMSR and WRMSR, and then rescheduled on a different CPU. Opportunistically land the helper in common x86, SVM will use the helper in a future commit.

CVSS Scoring

CVSS Score

5.0

CVSS Vector


                                    CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2021-46977

WEB https://git.kernel.org/stable/c/31f29749ee970c251b3a7e5b914108425940d089

WEB https://git.kernel.org/stable/c/5104d7ffcf24749939bea7fdb5378d186473f890

WEB https://git.kernel.org/stable/c/5adcdeb57007ccf8ab7ac20bf787ffb6fafb1a94

WEB https://git.kernel.org/stable/c/e3ea1895df719c4ef87862501bb10d95f4177bed

Advisory provided by GitHub Security Advisory Database. Published: February 28, 2024, Modified: January 8, 2025

References

https://git.kernel.org/stable/c/31f29749ee970c251b3a7e5b914108425940d089

https://git.kernel.org/stable/c/5adcdeb57007ccf8ab7ac20bf787ffb6fafb1a94

https://git.kernel.org/stable/c/e3ea1895df719c4ef87862501bb10d95f4177bed

https://git.kernel.org/stable/c/5104d7ffcf24749939bea7fdb5378d186473f890

Published: 2024-02-28T08:13:08.489Z

Last Modified: 2025-05-04T07:01:31.473Z

Copied to clipboard!

CVE-2021-46977

Expert Analysis

Description

Available Exploits

Related News

Affected Products

Linux

Affected Versions:

Linux

Affected Versions:

GitHub Security Advisories

Advisory Details

CVSS Scoring

CVSS Score

CVSS Vector

References

References

Request Analysis

What to expect

Request Received!