PT-2024-11037 · Linux+2 · Linux Kernel+2
Brad Spengler · Published 2024-05-25 · Updated 2024-09-16 · CVE-2021-4440
CVSS v3.1: 8.8 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
The vulnerability is related to the x86/xen paravirt call in the Linux kernel. Specifically, the USERGS_SYSRET64 call is used to return from a syscall via SYSRET, but a Xen PV guest will use the IRET hypercall instead, as there is no sysret PV hypercall defined. To resolve this, the USERGS_SYSRET64 call is dropped, and the IRET exit is used from the beginning. This change simplifies the code and allows CLEAR_CPU_BUFFERS to be explicitly added to the syscall return via sysret path.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Resource Exhaustion
Related Identifiers
Affected Products
Astra Linux
Linux Kernel
Suse