CVE-2021-47450

Summary

In the Linux kernel, the following vulnerability has been resolved:

KVM: arm64: Fix host stage-2 PGD refcount

The KVM page-table library refcounts the pages of concatenated stage-2 PGDs individually. However, when running KVM in protected mode, the host's stage-2 PGD is currently managed by EL2 as a single high-order compound page, which can cause the refcount of the tail pages to reach 0 when they shouldn't, hence corrupting the page-table.

Fix this by introducing a new hyp_split_page() helper in the EL2 page allocator (matching the kernel's split_page() function), and make use of it from host_s2_zalloc_pages_exact().

Affected Software

VendorProductVersion RangeStatus
LinuxLinux1025c8c0c6accfcbdc8f52ca1940160f65cd87d6 < b372264c66ef78f2cab44e877fbd765ad6d24c39affected
LinuxLinux1025c8c0c6accfcbdc8f52ca1940160f65cd87d6 < 1d58a17ef54599506d44c45ac95be27273a4d2b1affected
LinuxLinux5.13affected
LinuxLinux0 < 5.13unaffected
LinuxLinux5.14.15 <= 5.14.*unaffected
LinuxLinux5.15 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References