PT-2024-11238 · Linux+2 · Linux Kernel+2
Published: 2021-06-10 · Updated: 2024-07-03
CVE-2021-47230
CVSS v3.1: 6.6 (Medium)
Vector: AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 5.13.0-rc5-syzkaller
Description
The vulnerability is related to the KVM (Kernel-based Virtual Machine) component of the Linux kernel. It occurs when the MMU (Memory Management Unit) context is not properly reset after the SMM (System Management Mode) flag is cleared. This can lead to a NULL pointer dereference when handling a page fault, resulting in a general protection fault. The issue arises because the SMM flag in the MMU role is not synchronized with the vCPU's flag, causing the MMU to be in a bad state. This can happen when RSM (Resume from SMM) fails and is not correctly emulated, leading to the MMU not being properly reset.
Recommendations
To resolve this issue, update the Linux kernel to a version that includes the fix for this vulnerability. Specifically, versions prior to 5.13.0-rc5-syzkaller are affected, so updating to 5.13.0-rc5-syzkaller or later should resolve the issue.
As a temporary workaround, consider disabling the KVM component until a patch is available. However, this may not be feasible in all environments, especially those relying heavily on virtualization.
It is also recommended to monitor system logs for any signs of the general protection fault and to implement additional security measures to detect and prevent potential exploitation of this vulnerability.
Note: The provided information does not specify the exact version in which the vulnerability was fixed, only that versions prior to 5.13.0-rc5-syzkaller are affected. Therefore, the recommendation is to update to the latest available kernel version to ensure the inclusion of the fix.
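One way to act on the log-monitoring recommendation above is to flag only those general protection fault reports whose call trace runs through KVM code. This is an added example, not part of the original advisory; the sample log is constructed, and treating symbols prefixed `kvm_`, `vmx_` or `svm_` as KVM frames is an assumption of this sketch.

```python
import re
import sys

# Constructed sample kernel log, not captured from a real host; values are made up.
SAMPLE_LOG = """\
[  101.100000] usb 1-1: new high-speed USB device number 2 using xhci_hcd
[  212.345678] general protection fault, probably for non-canonical address 0xdead000000000000: 0000 [#1] SMP
[  212.345720] Call Trace:
[  212.345730]  kvm_mmu_page_fault+0x1a0/0x2f0
[  212.345740]  kvm_arch_vcpu_ioctl_run+0x200/0x400
[  212.345750]  kvm_vcpu_ioctl+0x100/0x300
[  212.345760] ---[ end trace 0000000000000000 ]---
[  300.000001] general protection fault, probably for non-canonical address 0xdead000000000001: 0000 [#2] SMP
[  300.000010] Call Trace:
[  300.000020]  example_fs_frame+0x10/0x20
[  300.000030] ---[ end trace 0000000000000001 ]---
"""

STAMP = re.compile(r"^\[\s*\d+\.\d+\]\s?")           # dmesg timestamp prefix
GPF = re.compile(r"general protection fault", re.I)  # oops banner named in the advisory
END = re.compile(r"---\[ end trace")                 # end of one oops report
# Assumption: a call-trace frame whose symbol starts with kvm_/vmx_/svm_ is KVM code.
KVM_FRAME = re.compile(r"^\s*\??\s*((?:kvm|vmx|svm)_\w+)\+0x")

def find_kvm_gpf(log_text):
    """Return one dict per GPF oops whose call trace contains KVM frames."""
    hits, current = [], None
    for raw in log_text.splitlines():
        line = STAMP.sub("", raw)
        if GPF.search(line):
            if current and current["kvm_frames"]:
                hits.append(current)          # previous oops had no end marker
            current = {"banner": line.strip(), "kvm_frames": []}
        elif current is not None:
            frame = KVM_FRAME.match(line)
            if frame:
                current["kvm_frames"].append(frame.group(1))
            elif END.search(line):
                if current["kvm_frames"]:
                    hits.append(current)
                current = None
    if current and current["kvm_frames"]:
        hits.append(current)                  # log truncated mid-oops
    return hits

if __name__ == "__main__":
    text = SAMPLE_LOG if sys.stdin.isatty() else sys.stdin.read()
    for hit in find_kvm_gpf(text):
        print(hit["banner"], "->", ", ".join(hit["kvm_frames"]))
```

Piping kernel log output into the script on standard input scans that text instead of the built-in sample.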
Fix
NULL Pointer Dereference
Weakness Enumeration
Related Identifiers
Affected Products
Astra Linux
Linux Kernel
Suse