CVE-2021-46978

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue arises when enlightened VMCS is in use and nested state is migrated with vmx get nested state()/vmx set nested state(). KVM cannot map the eVMCS page right away because the eVMCS GPA is not 'struct kvm vmx nested state hdr' and it cannot be read from the VP assist page. To address this, /vmx set nested state() raises a KVM REQ GET NESTED STATE PAGES request. However, the fix is not ideal as it is challenging to propagate possible failures, and even if it were possible, it might be too late. The idea of using KVM REQ GET NESTED STATE PAGES for mapping eVMCS after migration seems fragile due to the divergence from the native path when vmptr loading occurs on vmx set nested state().

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.