CVE-2021-47227

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to state corruption in the fpu restore sig() function. The non-compacted slowpath uses copy from user() and copies the entire user buffer into the kernel buffer, verbatim, which can lead to entirely invalid state on which XRSTOR will #GP. The validate user xstate header() function can detect some of that corruption, but it leaves the onus on callers to clear the buffer. To avoid corruption of the kernel XSAVE buffer, the copy user to xstate() function is used, which validates the XSAVE header contents before copying the actual states to the kernel.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.