CVE-2021-46967
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2021-46967
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-46967.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2021-46967
- Related
- Published
- 2024-02-27T19:04:07Z
- Modified
- 2024-12-06T17:55:35Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
vhost-vdpa: fix vm_flags for virtqueue doorbell mapping
The virtqueue doorbell is usually implemented via registeres but we don't provide the necessary vma->flags like VMPFNMAP. This may cause several issues e.g when userspace tries to map the doorbell via vhost IOTLB, kernel may panic due to the page is not backed by page structure. This patch fixes this by setting the necessary vmflags. With this patch, try to map doorbell via IOTLB will fail with bad address.
- References
-
- https://git.kernel.org/stable/c/3a3e0fad16d40a2aa68ddf7eea4acdf48b22dd44
- https://git.kernel.org/stable/c/3b8b6399666a29daa30b0bb3f5c9e3fc81c5a6a6
- https://git.kernel.org/stable/c/93dbbf20e3ffad14f04227a0b7105f6e6f0387ce
- https://git.kernel.org/stable/c/940230a5c31e2714722aee04c521a21f484b4df7
- https://security-tracker.debian.org/tracker/CVE-2021-46967
Affected packages
Debian:11 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:12 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source