CVE-2021-47110

2024-03-1521:15:06

Debian Security Bug Tracker

security-tracker.debian.org

linux kernel

vulnerability

x86/kvm

memory corruption

hibernate

7.3 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.7%

JSON

In the Linux kernel, the following vulnerability has been resolved: x86/kvm: Disable kvmclock on all CPUs on shutdown Currenly, we disable kvmclock from machine_shutdown() hook and this only happens for boot CPU. We need to disable it for all CPUs to guard against memory corruption e.g. on restore from hibernate. Note, writing ‘0’ to kvmclock MSR doesn’t clear memory location, it just prevents hypervisor from updating the location so for the short while after write and while CPU is still alive, the clock remains usable and correct so we don’t need to switch to some other clocksource.

OSVersionArchitecturePackageVersionFilename
Debian12alllinux< 5.10.46-1linux_5.10.46-1_all.deb
Debian11alllinux< 5.10.46-1linux_5.10.46-1_all.deb
Debian10alllinux<= 4.19.249-2linux_4.19.249-2_all.deb
Debian999alllinux< 5.10.46-1linux_5.10.46-1_all.deb
Debian13alllinux< 5.10.46-1linux_5.10.46-1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	linux	< 5.10.46-1	linux_5.10.46-1_all.deb
Debian	11	all	linux	< 5.10.46-1	linux_5.10.46-1_all.deb
Debian	10	all	linux	<= 4.19.249-2	linux_4.19.249-2_all.deb
Debian	999	all	linux	< 5.10.46-1	linux_5.10.46-1_all.deb
Debian	13	all	linux	< 5.10.46-1	linux_5.10.46-1_all.deb