CVE-2021-47062

Published: Feb 29, 2024

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Use online_vcpus, not created_vcpus, to iterate over vCPUs Use the kvm_for_each_vcpu() helper to iterate over vCPUs when encrypting VMSAs for SEV, which effectively switches to use online_vcpus instead of created_vcpus. This fixes a possible null-pointer dereference as created_vcpus does not guarantee a vCPU exists, since it is updated at the very beginning of KVM_CREATE_VCPU. created_vcpus exists to allow the bulk of vCPU creation to run in parallel, while still correctly restricting the max number of max vCPUs.

Vendor	Product	Versions
Linux	Linux	affected `ad73109ae7ec30d5bfb76be108e304f9f0af4829 - < bd0cced2ae93195668f983d443f7f17e8efd24d2` affected `ad73109ae7ec30d5bfb76be108e304f9f0af4829 - < ba7bf5d6336aa9c0d977b161bfa420c56d46ee40` affected `ad73109ae7ec30d5bfb76be108e304f9f0af4829 - < c36b16d29f3af5f32fc1b2a3401bf48f71cabee1`
Linux	Linux	affected `5.11` unaffected `0 - < 5.11` unaffected `5.11.21 - <= 5.11.` unaffected `5.12.4 - <= 5.12.` unaffected `5.13 - <= *`

References

https://git.kernel.org/stable/c/bd0cced2ae93195668f983d443f7f17e8efd24d2

https://git.kernel.org/stable/c/ba7bf5d6336aa9c0d977b161bfa420c56d46ee40

https://git.kernel.org/stable/c/c36b16d29f3af5f32fc1b2a3401bf48f71cabee1

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2021-47062

Description

Affected Products

References