Bugzilla – Bug 1193187
VUL-0: CVE-2021-4032: kernel-source-azure,kernel-source-rt,kernel-source: kvm: mishandling of memory error during VCPU construction can lead to DoS
Last modified: 2021-11-29 17:07:20 UTC
In the Linux kernel before 5.15, the KVM subsystem can crash the kernel because a memory allocation error during VCPU construction is mishandled, which allows an attacker able to trigger VCPU creation (KVM_CREATE_VCPU) to cause a denial of service. When the failed allocation was detected and the error path taken, the teardown in arch/x86/kvm/lapic.c kvm_free_lapic() could hit a bad jump in static_branch_slow_dec_deferred(), because the error path ran before the apic_hw_disabled jump label had been set. apic_base is initialized before the error, so the teardown tries to undo things that were never done.
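The following is a userland model of the ordering problem described above, added here for illustration; it is not KVM code and not the upstream patch. struct static_key, struct vcpu, struct lapic, APICBASE_ENABLE and the create_lapic/free_lapic functions are stand-ins for the kernel's jump label, vCPU state and arch/x86/kvm/lapic.c kvm_create_lapic()/kvm_free_lapic(). The "vulnerable" pair derives the teardown decision from apic_base, so a failure that lands between the apic_base initialization and the static-key increment undoes an increment that never happened; the "fixed" pair is one generic hardening (record what construction actually did and undo only that), not a claim about how the bug was fixed upstream. The forced allocation failure is constructed for the example.

```c
/*
 * Userland model of the teardown-ordering bug, written for this page.
 * Not kernel code: the types and function names are stand-ins for KVM's
 * apic_hw_disabled static key and kvm_create_lapic()/kvm_free_lapic().
 */
#include <stdio.h>
#include <stdlib.h>
#include <stdbool.h>

#define APICBASE_ENABLE (1UL << 11)   /* bit position of MSR_IA32_APICBASE_ENABLE */

/* Model of a kernel static key as a refcount. A real static_key_slow_dec()
 * patches code, so an underflow corrupts the jump label rather than a counter;
 * here key_dec() reports the underflow instead so it can be observed. */
struct static_key { int refs; };

static void key_inc(struct static_key *k) { k->refs++; }

static bool key_dec(struct static_key *k) {
    if (k->refs <= 0) return false;   /* the "bad jump" case */
    k->refs--;
    return true;
}

static struct static_key apic_hw_disabled;

struct lapic { void *regs; };
struct vcpu {
    unsigned long apic_base;
    struct lapic *apic;
    bool hw_disabled_ref;             /* used only by the fixed variant */
};

/* Constructed allocation hook so the regs allocation can be forced to fail. */
static bool fail_regs_alloc;
static void *alloc_regs(void) { return fail_regs_alloc ? NULL : calloc(1, 4096); }

/* Teardown as the advisory describes it: whether to drop the apic_hw_disabled
 * reference is inferred from apic_base, not from whether it was ever taken. */
static bool free_lapic_vulnerable(struct vcpu *v) {
    bool ok = true;
    if (!v->apic) return true;
    if (!(v->apic_base & APICBASE_ENABLE))
        ok = key_dec(&apic_hw_disabled);   /* underflows on the error path */
    free(v->apic->regs);
    free(v->apic);
    v->apic = NULL;
    return ok;
}

/* Vulnerable construction order: apic_base is initialized to its reset value
 * (APIC hardware-disabled) before the allocation that can fail, but the
 * matching static-key increment only happens after it. */
static int create_lapic_vulnerable(struct vcpu *v) {
    v->apic = calloc(1, sizeof *v->apic);
    if (!v->apic) return -1;
    v->apic_base = 0;                        /* reset state: ENABLE bit clear */
    v->apic->regs = alloc_regs();
    if (!v->apic->regs)
        return free_lapic_vulnerable(v) ? -1 : -2;   /* -2: undid a never-done increment */
    key_inc(&apic_hw_disabled);              /* only now does the key match apic_base */
    return 0;
}

/* Hardened teardown: undo only what construction recorded as done. */
static bool free_lapic_fixed(struct vcpu *v) {
    bool ok = true;
    if (!v->apic) return true;
    if (v->hw_disabled_ref) {
        ok = key_dec(&apic_hw_disabled);
        v->hw_disabled_ref = false;
    }
    free(v->apic->regs);
    free(v->apic);
    v->apic = NULL;
    return ok;
}

/* The flag is set at the same point the reference is taken, so there is no
 * window in which apic_base says "disabled" but the key was never incremented. */
static int create_lapic_fixed(struct vcpu *v) {
    v->apic = calloc(1, sizeof *v->apic);
    if (!v->apic) return -1;
    v->apic_base = 0;
    v->apic->regs = alloc_regs();
    if (!v->apic->regs)
        return free_lapic_fixed(v) ? -1 : -2;
    key_inc(&apic_hw_disabled);
    v->hw_disabled_ref = true;
    return 0;
}

/* One construction attempt with the regs allocation forced to fail.
 * Returns -1 for a clean ENOMEM, -2 if teardown undid state never set up. */
static int run_failed_create(bool fixed) {
    struct vcpu v = {0};
    apic_hw_disabled.refs = 0;
    fail_regs_alloc = true;
    int rc = fixed ? create_lapic_fixed(&v) : create_lapic_vulnerable(&v);
    fail_regs_alloc = false;
    return rc;
}

/* Successful construction followed by teardown; returns the key's refcount
 * afterwards, which must be back at zero for both variants. */
static int run_create_free(bool fixed) {
    struct vcpu v = {0};
    apic_hw_disabled.refs = 0;
    fail_regs_alloc = false;
    if (fixed) { create_lapic_fixed(&v); free_lapic_fixed(&v); }
    else       { create_lapic_vulnerable(&v); free_lapic_vulnerable(&v); }
    return apic_hw_disabled.refs;
}

int main(void) {
    printf("vulnerable, alloc fails: rc=%d\n", run_failed_create(false));
    printf("fixed,      alloc fails: rc=%d\n", run_failed_create(true));
    printf("vulnerable, success+free: refs=%d\n", run_create_free(false));
    printf("fixed,      success+free: refs=%d\n", run_create_free(true));
    return 0;
}
```

The general check this models is that every unwind step in an error path must correspond to a setup step that has actually executed on that path; deriving "what to undo" from a field such as apic_base that is written at a different point than the resource it stands for is exactly the asymmetry that produced this bug.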
No SLE-* or cve/linux-* branches are affected. Already fixed in stable and master.
Bug introduced in: