CVE-2021-46977 KVM: VMX: Disable preemption when probing user return MSRs

🗓️ 28 Feb 2024 08:13:08Reported by LinuxType

Resolving CVE-2021-46977 KVM vulnerability in Linux kernel

Reporter	Title	Published	Views	Family All 20
Tenable Nessus	Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.10-2022-002 (ALASKERNEL-5.10-2022-002)	2 May 202200:00	–	nessus
Tenable Nessus	RHEL 6 : kernel (Unpatched Vulnerability)	11 May 202400:00	–	nessus
Tenable Nessus	RHEL 7 : kernel (Unpatched Vulnerability)	11 May 202400:00	–	nessus
Tenable Nessus	TencentOS Server 4: kernel (TSSA-2024:0958)	16 Jun 202500:00	–	nessus
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2021-46977	15 Aug 202500:00	–	nessus
Amazon	Important: kernel	28 Jan 202200:00	–	amazon
BDU FSTEC	The vulnerability of the kvm_pv_send_ipi() function in the arch/x86/include/asm/kvm_host.h module on the Linux operating system’s x86 kernel platform allows a attacker to cause a service failure.	7 Apr 202500:00	–	bdu_fstec
Circl	CVE-2021-46977	29 Feb 202410:11	–	circl
CNNVD	Linux kernel security vulnerabilities	28 Feb 202400:00	–	cnnvd
CVE	CVE-2021-46977	28 Feb 202408:13	–	cve

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "arch/x86/include/asm/kvm_host.h",
      "arch/x86/kvm/vmx/vmx.c",
      "arch/x86/kvm/x86.c"
    ],
    "versions": [
      {
        "version": "4be5341026246870818e28b53202b001426a5aec",
        "lessThan": "31f29749ee970c251b3a7e5b914108425940d089",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "4be5341026246870818e28b53202b001426a5aec",
        "lessThan": "5adcdeb57007ccf8ab7ac20bf787ffb6fafb1a94",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "4be5341026246870818e28b53202b001426a5aec",
        "lessThan": "e3ea1895df719c4ef87862501bb10d95f4177bed",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "4be5341026246870818e28b53202b001426a5aec",
        "lessThan": "5104d7ffcf24749939bea7fdb5378d186473f890",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "arch/x86/include/asm/kvm_host.h",
      "arch/x86/kvm/vmx/vmx.c",
      "arch/x86/kvm/x86.c"
    ],
    "versions": [
      {
        "version": "5.5",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "5.5",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "5.10.38",
        "lessThanOrEqual": "5.10.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "5.11.22",
        "lessThanOrEqual": "5.11.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "5.12.5",
        "lessThanOrEqual": "5.12.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "5.13",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Source	Link
git	www.git.kernel.org/stable/c/e3ea1895df719c4ef87862501bb10d95f4177bed
git	www.git.kernel.org/stable/c/31f29749ee970c251b3a7e5b914108425940d089
git	www.git.kernel.org/stable/c/5adcdeb57007ccf8ab7ac20bf787ffb6fafb1a94
git	www.git.kernel.org/stable/c/5104d7ffcf24749939bea7fdb5378d186473f890

11 May 2026 13:45Current

8.6High risk

Vulners AI Score8.6

EPSS0.00232