CVE-2021-47296

Summary

In the Linux kernel, the following vulnerability has been resolved:

KVM: PPC: Fix kvm_arch_vcpu_ioctl vcpu_load leak

vcpu_put is not called if the user copy fails. This can result in preempt notifier corruption and crashes, among other issues.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxb3cebfe8c1cadf1817939dcc3688a2504a69c662 < 9bafc34dc4ad0cef18727c557f21ed3c3304df50affected
LinuxLinuxb3cebfe8c1cadf1817939dcc3688a2504a69c662 < f38527f1890543cdfca8dfd06f75f9887cce6151affected
LinuxLinuxb3cebfe8c1cadf1817939dcc3688a2504a69c662 < e14ef1095387f764d95614d3ec9e4d07c82a3533affected
LinuxLinuxb3cebfe8c1cadf1817939dcc3688a2504a69c662 < a4a488915feaad38345cc01b80d52e8200ff5209affected
LinuxLinuxb3cebfe8c1cadf1817939dcc3688a2504a69c662 < bc4188a2f56e821ea057aca6bf444e138d06c252affected
LinuxLinux4.18affected
LinuxLinux0 < 4.18unaffected
LinuxLinux4.19.199 <= 4.19.*unaffected
LinuxLinux5.4.136 <= 5.4.*unaffected
LinuxLinux5.10.54 <= 5.10.*unaffected
LinuxLinux5.13.6 <= 5.13.*unaffected
LinuxLinux5.14 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References