PT-2024-11164 · Linux+2 · Linux Kernel+2

Andrea Righi

Published

2021-05-07

Updated

2024-08-19

CVE-2021-47112

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue concerns the Linux kernel, where various PV features (Async PF, PV EOI, steal time) work through memory shared with the hypervisor. When restoring from hibernation, these features must be properly torn down to prevent the hypervisor from writing to stale locations after jumping to the previously hibernated kernel. The job is already done for secondary CPUs by kvm cpu down prepare(), and syscore ops are registered to do the same for the boot CPU.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-459

Related Identifiers

BDU:2025-13692

CVE-2021-47112

OESA-2024-1392

OESA-2024-1393

OPENSUSE-SU-2024_1489-1

SUSE-SU-2024:1454-1

SUSE-SU-2024:1465-1

SUSE-SU-2024:1489-1

SUSE-SU-2024:1643-1

SUSE-SU-2024:1646-1

SUSE-SU-2024:1870-1

Affected Products

Astra Linux

Linux Kernel

Suse

PT-2024-11164 · Linux+2 · Linux Kernel+2

CVE-2021-47112

Weakness Enumeration

Related Identifiers

Affected Products

References · 650