CVE-2021-47217

Source
https://nvd.nist.gov/vuln/detail/CVE-2021-47217
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-47217.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-47217
Related
Published
2024-04-10T19:15:48Z
Modified
2024-09-11T04:51:16.594830Z
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

x86/hyperv: Fix NULL deref in sethvtscchange_cb() if Hyper-V setup fails

Check for a valid hvvpindex array prior to derefencing hvvpindex when setting Hyper-V's TSC change callback. If Hyper-V setup failed in hyperv_init(), the kernel will still report that it's running under Hyper-V, but will have silently disabled nearly all functionality.

BUG: kernel NULL pointer dereference, address: 0000000000000010 #PF: supervisor read access in kernel mode #PF: errorcode(0x0000) - not-present page PGD 0 P4D 0 Oops: 0000 [#1] SMP CPU: 4 PID: 1 Comm: swapper/0 Not tainted 5.15.0-rc2+ #75 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 0.0.0 02/06/2015 RIP: 0010:sethvtscchangecb+0x15/0xa0 Code: <8b> 04 82 8b 15 12 17 85 01 48 c1 e0 20 48 0d ee 00 01 00 f6 c6 08 ... Call Trace: kvmarchinit+0x17c/0x280 kvminit+0x31/0x330 vmxinit+0xba/0x13a dooneinitcall+0x41/0x1c0 kernelinitfreeable+0x1f2/0x23b kernelinit+0x16/0x120 retfrom_fork+0x22/0x30

References

Affected packages

Debian:11 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.10.84-1

Affected versions

5.*

5.10.46-4
5.10.46-5
5.10.70-1~bpo10+1
5.10.70-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.15.5-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.15.5-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}