CVE-2021-47450

KVM: arm64: Fix host stage-2 PGD refcount

Description

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix host stage-2 PGD refcount The KVM page-table library refcounts the pages of concatenated stage-2 PGDs individually. However, when running KVM in protected mode, the host's stage-2 PGD is currently managed by EL2 as a single high-order compound page, which can cause the refcount of the tail pages to reach 0 when they shouldn't, hence corrupting the page-table. Fix this by introducing a new hyp_split_page() helper in the EL2 page allocator (matching the kernel's split_page() function), and make use of it from host_s2_zalloc_pages_exact().

N/A
CVSS
Severity:
EPSS 0.06%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/b372264c66ef78f2cab44e877fbd765ad6d24c39
https://git.kernel.org/stable/c/1d58a17ef54599506d44c45ac95be27273a4d2b1

Frequently Asked Questions

What is the severity of CVE-2021-47450?
CVE-2021-47450 has not yet been assigned a CVSS score.
How to fix CVE-2021-47450?
To fix CVE-2021-47450, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2021-47450 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2021-47450 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2021-47450?
CVE-2021-47450 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.