How severe is CVE-2021-47060?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6 out of 10.

What type of vulnerability is CVE-2021-47060?

This is classified as NVD-CWE-Other, which is a common weakness in software security.

CVE-2021-47060 - MEDIUM Severity | CVSS 6

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: KVM: Stop looking for coalesced MMIO zones if the bus is destroyed Abort the walk of coalesced MMIO zones if kvm_io_bus_unregister_dev() fails to allocate memory for the new instance of the bus. If it can't instantiate a new bus, unregister_dev() destroys all devices _except_ the target device. But, it doesn't tell the caller that it obliterated the bus and invoked the destructor for all devices that were on the bus. In the coalesced MMIO case, this can result in a deleted list entry dereference due to attempting to continue iterating on coalesced_zones after future entries (in the walk) have been deleted. Opportunistically add curly braces to the for-loop, which encompasses many lines but sneaks by without braces due to the guts being a single if statement.

Related Vulnerabilities

CVE-2015-2890

MEDIUM

CVSS:6.0(Medium)

The BIOS implementation on Dell Latitude, OptiPlex, Precision Mobile Workstation, and Precision Workstation Client Solutions (CS) devices with model-dependent firmware before A21 does not enforce a BI...

NVD-CWE-Other2015

CVE-2016-0669

MEDIUM

CVSS:6.0(Medium)

Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect integrity and availability via vectors related to Fwflash.

NVD-CWE-Other2016

CVE-2016-0697

MEDIUM

CVSS:6.0(Medium)

Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows local users to affect confidentiality and integrity vi...

NVD-CWE-Other2016

CVE-2016-4964

MEDIUM

CVSS:6.0(Medium)

The mptsas_fetch_requests function in hw/scsi/mptsas.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop, and CPU consumption or QEMU proces...

NVD-CWE-Other2016

CVE-2016-5516

MEDIUM

CVSS:6.0(Medium)

Unspecified vulnerability in the Kernel PDB component in Oracle Database Server 12.1.0.2 allows local users to affect availability via unknown vectors.

NVD-CWE-Other2016

CVE-2016-6835

MEDIUM

CVSS:6.0(Medium)

The vmxnet_tx_pkt_parse_headers function in hw/net/vmxnet_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (buffer over-read) by leveraging failu...

NVD-CWE-Other2016