CVE-2021-47450

Published: May 22, 2024

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix host stage-2 PGD refcount The KVM page-table library refcounts the pages of concatenated stage-2 PGDs individually. However, when running KVM in protected mode, the host's stage-2 PGD is currently managed by EL2 as a single high-order compound page, which can cause the refcount of the tail pages to reach 0 when they shouldn't, hence corrupting the page-table. Fix this by introducing a new hyp_split_page() helper in the EL2 page allocator (matching the kernel's split_page() function), and make use of it from host_s2_zalloc_pages_exact().

Vendor	Product	Versions
Linux	Linux	affected `1025c8c0c6accfcbdc8f52ca1940160f65cd87d6 - < b372264c66ef78f2cab44e877fbd765ad6d24c39` affected `1025c8c0c6accfcbdc8f52ca1940160f65cd87d6 - < 1d58a17ef54599506d44c45ac95be27273a4d2b1`
Linux	Linux	affected `5.13` unaffected `0 - < 5.13` unaffected `5.14.15 - <= 5.14.` unaffected `5.15 - <= `

References

https://git.kernel.org/stable/c/b372264c66ef78f2cab44e877fbd765ad6d24c39

https://git.kernel.org/stable/c/1d58a17ef54599506d44c45ac95be27273a4d2b1

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2021-47450

Description

Affected Products

References