CVE-2021-47062

MEDIUM

Linux Kernel 5.11-5.11.20 - NULL Pointer Dereference in KVM SVM VMSA Encryption

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Use online_vcpus, not created_vcpus, to iterate over vCPUs Use the kvm_for_each_vcpu() helper to iterate over vCPUs when encrypting VMSAs for SEV, which effectively switches to use online_vcpus instead of created_vcpus. This fixes a possible null-pointer dereference as created_vcpus does not guarantee a vCPU exists, since it is updated at the very beginning of KVM_CREATE_VCPU. created_vcpus exists to allow the bulk of vCPU creation to run in parallel, while still correctly restricting the max number of max vCPUs.

References (3)

Core 3

Core References

Patch

https://git.kernel.org/stable/c/bd0cced2ae93195668f983d443f7f17e8efd24d2

Patch

https://git.kernel.org/stable/c/ba7bf5d6336aa9c0d977b161bfa420c56d46ee40

Patch

https://git.kernel.org/stable/c/c36b16d29f3af5f32fc1b2a3401bf48f71cabee1

Scores

CVSS v3 5.5

EPSS 0.0022

EPSS Percentile 12.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-476

Status published

Products (9)

Linux/Linux < 5.11

Linux/Linux 5.11

Linux/Linux 5.11.21 - 5.11.*

Linux/Linux 5.12.4 - 5.12.*

Linux/Linux 5.13

Linux/Linux ad73109ae7ec30d5bfb76be108e304f9f0af4829 - ba7bf5d6336aa9c0d977b161bfa420c56d46ee40

Linux/Linux ad73109ae7ec30d5bfb76be108e304f9f0af4829 - bd0cced2ae93195668f983d443f7f17e8efd24d2

Linux/Linux ad73109ae7ec30d5bfb76be108e304f9f0af4829 - c36b16d29f3af5f32fc1b2a3401bf48f71cabee1

linux/linux_kernel 5.11 - 5.11.21

Published Feb 29, 2024

Tracked Since Feb 18, 2026