CVE-2021-47639

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Feb 26, 2025
Updated: Feb 27, 2025
CWE ID 416

Summary

CVE-2021-47639 is a vulnerability in the Linux kernel's KVM (Kernel-based Virtual Machine) component. The flaw is in KVM's TDP (Two-Dimensional Paging) MMU (Memory Management Unit), where invalid roots are not properly zapped when a gfn (guest frame number) range is unmapped. As a result, use-after-free and other related issues can occur if the mmu_notifier runs to completion while the zap of an invalid root is still in progress. The most common way to reproduce this bug is through a collision between set_nx_huge_pages() and kvm_mmu_notifier_release(). Completing the zap of an invalid root after the mmu_notifier returns is fatal, leading to issues such as triggering kvm_set_pfn_dirty(). The vulnerability exists between kvm_mmu_notifier_invalidate_range_start() and memslot updates.
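
The ordering problem described above, as a simplified user-space model. This is an added example, not kernel code or code from the advisory. Every name in it is hypothetical, and the corrected behaviour is assumed to be "the notifier's unmap also zaps invalid roots". It counts how many already-released pages a resumed zap of the invalid root still touches.

```c
/* Simplified user-space model of the ordering bug; not kernel code. All names are hypothetical. */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#define NR_GFNS 8

struct page { bool freed; bool dirty; };
struct root { bool invalid; struct page *spte[NR_GFNS]; /* NULL = not mapped */ };

/* Zap one root's mappings in [start, end); returns how many freed pages were touched. */
static int zap_range(struct root *r, size_t start, size_t end)
{
    int stale = 0;
    for (size_t g = start; g < end && g < NR_GFNS; g++) {
        struct page *p = r->spte[g];
        if (!p)
            continue;
        if (p->freed)
            stale++;          /* models the use-after-free */
        else
            p->dirty = true;  /* stands in for kvm_set_pfn_dirty() during a zap */
        r->spte[g] = NULL;
    }
    return stale;
}

/* Models the mmu_notifier unmap of a gfn range; zap_invalid=false is the flawed behaviour. */
static void notifier_unmap(struct root *roots, size_t n, size_t start, size_t end, bool zap_invalid)
{
    for (size_t i = 0; i < n; i++)
        if (zap_invalid || !roots[i].invalid)
            zap_range(&roots[i], start, end);
}

/* Runs the sequence once; returns freed pages touched after the notifier returned. */
int stale_touches(bool zap_invalid)
{
    struct page pages[NR_GFNS] = {0};   /* constructed sample state */
    struct root roots[2] = {0};
    for (size_t g = 0; g < NR_GFNS; g++)
        roots[0].spte[g] = roots[1].spte[g] = &pages[g];
    roots[1].invalid = true;            /* invalidated root whose zap is still pending */
    notifier_unmap(roots, 2, 2, 6, zap_invalid);
    for (size_t g = 2; g < 6; g++)
        pages[g].freed = true;          /* owner releases pages once the notifier returns */
    return zap_range(&roots[1], 0, NR_GFNS);  /* pending zap of the invalid root completes */
}

int main(void) { printf("flawed: %d, corrected: %d\n", stale_touches(false), stale_touches(true)); return 0; }
```

The model only flags pages as freed rather than releasing memory, so it is safe to run. The invariant it checks is that nothing may still reference a page once the notifier has returned.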
