Lucene search
LinuxCVELIST:CVE-2021-47061HistoryFeb 29, 2024 - 10:37 p.m.
CVE-2021-47061 KVM: Destroy I/O bus devices on unregister failure _after_ sync'ing SRCU
2024-02-2922:37:35
Linux
www.cve.org
7
linux kernel
kvm
i/o bus
unregister
vulnerability fix
use-after-free
In the Linux kernel, the following vulnerability has been resolved:
KVM: Destroy I/O bus devices on unregister failure after sync’ing SRCU
If allocating a new instance of an I/O bus fails when unregistering a
device, wait to destroy the device until after all readers are guaranteed
to see the new null bus. Destroying devices before the bus is nullified
could lead to use-after-free since readers expect the devices on their
reference of the bus to remain valid.
CNA Affected
[
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "unaffected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"virt/kvm/kvm_main.c"
],
"versions": [
{
"version": "f65886606c2d",
"lessThan": "03c6cccedd39",
"status": "affected",
"versionType": "git"
},
{
"version": "f65886606c2d",
"lessThan": "4e899ca84863",
"status": "affected",
"versionType": "git"
},
{
"version": "f65886606c2d",
"lessThan": "30f46c699373",
"status": "affected",
"versionType": "git"
},
{
"version": "f65886606c2d",
"lessThan": "2ee3757424be",
"status": "affected",
"versionType": "git"
}
]
},
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "affected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"virt/kvm/kvm_main.c"
],
"versions": [
{
"version": "5.9",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.9",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.37",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.11.21",
"lessThanOrEqual": "5.11.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.12.4",
"lessThanOrEqual": "5.12.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.13",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
]
}
]Related
vulnrichment
vulnrichment
nvd
nvd
CVE-2021-47061
2024-02-29 23:15:07
redhatcve
redhatcve
CVE-2021-47061
2024-03-01 05:01:46
ubuntucve
ubuntucve
CVE-2021-47061
2024-02-29 00:00:00
debiancve
debiancve
CVE-2021-47061
2024-02-29 23:15:07
cve
cve
CVE-2021-47061
2024-02-29 23:15:07
openvas
openvas
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-1570)
2024-05-10 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-2002)
2024-07-19 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-1984)
2024-07-19 00:00:00
nessus
nessus
EulerOS 2.0 SP10 : kernel (EulerOS-SA-2024-1570)
2024-05-09 00:00:00
EulerOS Virtualization 2.10.1 : kernel (EulerOS-SA-2024-2002)
2024-07-18 00:00:00
EulerOS Virtualization 2.10.0 : kernel (EulerOS-SA-2024-1984)
2024-07-18 00:00:00