{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2021-47062","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-02-29T22:33:44.294Z","datePublished":"2024-02-29T22:37:36.468Z","dateUpdated":"2025-05-04T07:03:25.492Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-05-04T07:03:25.492Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: SVM: Use online_vcpus, not created_vcpus, to iterate over vCPUs\n\nUse the kvm_for_each_vcpu() helper to iterate over vCPUs when encrypting\nVMSAs for SEV, which effectively switches to use online_vcpus instead of\ncreated_vcpus.  This fixes a possible null-pointer dereference as\ncreated_vcpus does not guarantee a vCPU exists, since it is updated at\nthe very beginning of KVM_CREATE_VCPU.  created_vcpus exists to allow the\nbulk of vCPU creation to run in parallel, while still correctly\nrestricting the max number of max vCPUs."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["arch/x86/kvm/svm/sev.c"],"versions":[{"version":"ad73109ae7ec30d5bfb76be108e304f9f0af4829","lessThan":"bd0cced2ae93195668f983d443f7f17e8efd24d2","status":"affected","versionType":"git"},{"version":"ad73109ae7ec30d5bfb76be108e304f9f0af4829","lessThan":"ba7bf5d6336aa9c0d977b161bfa420c56d46ee40","status":"affected","versionType":"git"},{"version":"ad73109ae7ec30d5bfb76be108e304f9f0af4829","lessThan":"c36b16d29f3af5f32fc1b2a3401bf48f71cabee1","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["arch/x86/kvm/svm/sev.c"],"versions":[{"version":"5.11","status":"affected"},{"version":"0","lessThan":"5.11","status":"unaffected","versionType":"semver"},{"version":"5.11.21","lessThanOrEqual":"5.11.*","status":"unaffected","versionType":"semver"},{"version":"5.12.4","lessThanOrEqual":"5.12.*","status":"unaffected","versionType":"semver"},{"version":"5.13","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.11.21"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.12.4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.13"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/bd0cced2ae93195668f983d443f7f17e8efd24d2"},{"url":"https://git.kernel.org/stable/c/ba7bf5d6336aa9c0d977b161bfa420c56d46ee40"},{"url":"https://git.kernel.org/stable/c/c36b16d29f3af5f32fc1b2a3401bf48f71cabee1"}],"title":"KVM: SVM: Use online_vcpus, not created_vcpus, to iterate over vCPUs","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"title":"CISA ADP Vulnrichment","metrics":[{"other":{"type":"ssvc","content":{"id":"CVE-2021-47062","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"version":"2.0.3","timestamp":"2024-03-05T22:14:24.335971Z"}}}],"providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-06-04T17:14:09.060Z"}},{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T05:24:39.873Z"},"title":"CVE Program Container","references":[{"url":"https://git.kernel.org/stable/c/bd0cced2ae93195668f983d443f7f17e8efd24d2","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/ba7bf5d6336aa9c0d977b161bfa420c56d46ee40","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/c36b16d29f3af5f32fc1b2a3401bf48f71cabee1","tags":["x_transferred"]}]}]}}