Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2021-47110— x86/kvm: Disable kvmclock on all CPUs on shutdown

EPSS 0.02% · P5
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2021-47110

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
x86/kvm: Disable kvmclock on all CPUs on shutdown
Source: NVD (National Vulnerability Database)
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: x86/kvm: Disable kvmclock on all CPUs on shutdown Currenly, we disable kvmclock from machine_shutdown() hook and this only happens for boot CPU. We need to disable it for all CPUs to guard against memory corruption e.g. on restore from hibernate. Note, writing '0' to kvmclock MSR doesn't clear memory location, it just prevents hypervisor from updating the location so for the short while after write and while CPU is still alive, the clock remains usable and correct so we don't need to switch to some other clocksource.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel 存在安全漏洞,该漏洞源于 x86/kvm 模块中存在错误。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
LinuxLinux 1e977aa12dd4f80688b1f243762212e75c6d7fe8 ~ 9084fe1b3572664ad276f427dce575f580c9799a -
LinuxLinux 2.6.26 -

II. Public POCs for CVE-2021-47110

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2021-47110

登录查看更多情报信息。

Same Patch Batch · Linux · 2024-03-15 · 26 CVEs total

CVE-2021-47123io_uring: fix ltout double free on completion race
CVE-2021-47135mt76: mt7921: fix possible AOOB issue in mt7921_mcu_tx_rate_report
CVE-2021-47134efi/fdt: fix panic when no valid fdt found
CVE-2021-47133HID: amd_sfh: Fix memory leak in amd_sfh_work
CVE-2021-47132mptcp: fix sk_forward_memory corruption on retransmission
CVE-2021-47131net/tls: Fix use-after-free after the TLS device goes down and up
CVE-2021-47130nvmet: fix freeing unallocated p2pmem
CVE-2021-47129netfilter: nft_ct: skip expectations for confirmed conntrack
CVE-2021-47128bpf, lockdown, audit: Fix buggy SELinux lockdown permission checks
CVE-2021-47127ice: track AF_XDP ZC enabled queues in bitmap
CVE-2021-47126ipv6: Fix KASAN: slab-out-of-bounds Read in fib6_nh_flush_exceptions
CVE-2021-47125sch_htb: fix refcount leak in htb_parent_to_leaf_offload
CVE-2021-47124io_uring: fix link timeout refs
CVE-2021-47109neighbour: allow NUD_NOARP entries to be forced GCed
CVE-2021-47122net: caif: fix memory leak in caif_device_notify
CVE-2021-47121net: caif: fix memory leak in cfusbl_device_notify
CVE-2021-47120HID: magicmouse: fix NULL-deref on disconnect
CVE-2021-47119ext4: fix memory leak in ext4_fill_super
CVE-2021-47118pid: take a reference when initializing `cad_pid`
CVE-2021-47117ext4: fix bug on in ext4_es_cache_extent as ext4_split_extent_at failed

Showing top 20 of 26 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Linux
Same vendor: Linux

V. Comments for CVE-2021-47110

No comments yet

Leave a comment