CVE-2021-47450

2024-05-2207:15:10

Debian Security Bug Tracker

security-tracker.debian.org

linux kernel

vulnerability

resolved

6.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix host stage-2 PGD refcount The KVM page-table library refcounts the pages of concatenated stage-2 PGDs individually. However, when running KVM in protected mode, the host’s stage-2 PGD is currently managed by EL2 as a single high-order compound page, which can cause the refcount of the tail pages to reach 0 when they shouldn’t, hence corrupting the page-table. Fix this by introducing a new hyp_split_page() helper in the EL2 page allocator (matching the kernel’s split_page() function), and make use of it from host_s2_zalloc_pages_exact().

OSVersionArchitecturePackageVersionFilename
Debian12alllinux< 5.15.3-1linux_5.15.3-1_all.deb
Debian11alllinux< 5.10.209-2linux_5.10.209-2_all.deb
Debian10alllinux< 4.19.249-2linux_4.19.249-2_all.deb
Debian999alllinux< 5.15.3-1linux_5.15.3-1_all.deb
Debian13alllinux< 5.15.3-1linux_5.15.3-1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	linux	< 5.15.3-1	linux_5.15.3-1_all.deb
Debian	11	all	linux	< 5.10.209-2	linux_5.10.209-2_all.deb
Debian	10	all	linux	< 4.19.249-2	linux_4.19.249-2_all.deb
Debian	999	all	linux	< 5.15.3-1	linux_5.15.3-1_all.deb
Debian	13	all	linux	< 5.15.3-1	linux_5.15.3-1_all.deb