CVE-2021-47094
Public on 2024-03-04
Modified on 2024-07-31
Description
In the Linux kernel, the following vulnerability has been resolved:
KVM: x86/mmu: Don't advance iterator after restart due to yielding
CVE-2021-47094 relates to a memory correctness issue in the TDP MMU implementation of KVM. On Amazon Linux 2 with Linux 5.10 and 5.15 this functionality is disabled by default due to it’s experimental status. Amazon will not provide a fix because the upstream change cannot be applied reliably to the previous version. Amazon Linux recommends customers that want to use TDP MMU to use Amazon Linux 2023 with Linux 6.1.
KVM: x86/mmu: Don't advance iterator after restart due to yielding
CVE-2021-47094 relates to a memory correctness issue in the TDP MMU implementation of KVM. On Amazon Linux 2 with Linux 5.10 and 5.15 this functionality is disabled by default due to it’s experimental status. Amazon will not provide a fix because the upstream change cannot be applied reliably to the previous version. Amazon Linux recommends customers that want to use TDP MMU to use Amazon Linux 2023 with Linux 6.1.
Severity
Important
CVSS v3 Base Score
See breakdown
Affected Packages
| Platform | Package | Release Date | Advisory | Status |
|---|---|---|---|---|
| Amazon Linux 1 | kernel | Not Affected | ||
| Amazon Linux 2 - Core | kernel | Not Affected | ||
| Amazon Linux 2 - Kernel-5.15 Extra | kernel | Not Affected | ||
| Amazon Linux 2 - Kernel-5.4 Extra | kernel | Not Affected | ||
| Amazon Linux 2 - Kernel-5.10 Extra | kernel | No Fix Planned | ||
| Amazon Linux 2023 | kernel | Not Affected |
CVSS Scores
| Score Type | Score | Vector | |
|---|---|---|---|
| Amazon Linux | CVSSv3 | 7.1 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H |
| NVD | CVSSv3 | 7.1 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H |