csaf_suse - suse-su-2022:3728-1

suse-su-2022:3728-1

Vulnerability from csaf_suse

Published

2022-10-25 13:40

Modified

2022-10-25 13:40

Summary

Security update for xen

Notes

Title of the patch

Security update for xen

Description of the patch

This update for xen fixes the following issues: - CVE-2022-26365: Fixed issue where Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (bsc#1200762). - CVE-2022-33740: Fixed issue where Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (bsc#1200762). - CVE-2022-33741: Fixed issue where data residing in the same 4K page as data shared with a backend was being accessible by such backend (bsc#1200762). - CVE-2022-33742: Fixed issue where data residing in the same 4K page as data shared with a backend was being accessible by such backend (bsc#1200762). - CVE-2022-33746: Fixed DoS due to excessively long P2M pool freeing (bsc#1203806). - CVE-2021-28689: Fixed speculative vulnerabilities with bare (non-shim) 32-bit PV guests (bsc#1185104). - CVE-2022-33748: Fixed DoS due to race in locking (bsc#1203807).

Patchnames

SUSE-2022-3728,SUSE-SLE-SDK-12-SP5-2022-3728,SUSE-SLE-SERVER-12-SP5-2022-3728

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for xen",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for xen fixes the following issues:\n\n  - CVE-2022-26365: Fixed issue where Linux Block and Network PV device frontends don\u0027t zero memory regions before sharing them with the backend (bsc#1200762).\n  - CVE-2022-33740: Fixed issue where Linux Block and Network PV device frontends don\u0027t zero memory regions before sharing them with the backend (bsc#1200762).\n  - CVE-2022-33741: Fixed issue where data residing in the same 4K page as data shared with a backend was being accessible by such backend (bsc#1200762).\n  - CVE-2022-33742: Fixed issue where data residing in the same 4K page as data shared with a backend was being accessible by such backend (bsc#1200762).\n  - CVE-2022-33746: Fixed DoS due to excessively long P2M pool freeing (bsc#1203806).\n  - CVE-2021-28689: Fixed speculative vulnerabilities with bare (non-shim) 32-bit PV guests (bsc#1185104).\n  - CVE-2022-33748: Fixed DoS due to race in locking (bsc#1203807).\n\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2022-3728,SUSE-SLE-SDK-12-SP5-2022-3728,SUSE-SLE-SERVER-12-SP5-2022-3728",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_3728-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2022:3728-1",
        "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20223728-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2022:3728-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-October/012670.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1185104",
        "url": "https://bugzilla.suse.com/1185104"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200762",
        "url": "https://bugzilla.suse.com/1200762"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1203806",
        "url": "https://bugzilla.suse.com/1203806"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1203807",
        "url": "https://bugzilla.suse.com/1203807"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-28689 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-28689/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-26365 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-26365/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-33740 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-33740/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-33741 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-33741/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-33742 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-33742/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-33746 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-33746/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-33748 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-33748/"
      }
    ],
    "title": "Security update for xen",
    "tracking": {
      "current_release_date": "2022-10-25T13:40:54Z",
      "generator": {
        "date": "2022-10-25T13:40:54Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2022:3728-1",
      "initial_release_date": "2022-10-25T13:40:54Z",
      "revision_history": [
        {
          "date": "2022-10-25T13:40:54Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "xen-4.12.4_28-3.77.1.aarch64",
                "product": {
                  "name": "xen-4.12.4_28-3.77.1.aarch64",
                  "product_id": "xen-4.12.4_28-3.77.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-devel-4.12.4_28-3.77.1.aarch64",
                "product": {
                  "name": "xen-devel-4.12.4_28-3.77.1.aarch64",
                  "product_id": "xen-devel-4.12.4_28-3.77.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-doc-html-4.12.4_28-3.77.1.aarch64",
                "product": {
                  "name": "xen-doc-html-4.12.4_28-3.77.1.aarch64",
                  "product_id": "xen-doc-html-4.12.4_28-3.77.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-libs-4.12.4_28-3.77.1.aarch64",
                "product": {
                  "name": "xen-libs-4.12.4_28-3.77.1.aarch64",
                  "product_id": "xen-libs-4.12.4_28-3.77.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-tools-4.12.4_28-3.77.1.aarch64",
                "product": {
                  "name": "xen-tools-4.12.4_28-3.77.1.aarch64",
                  "product_id": "xen-tools-4.12.4_28-3.77.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-tools-domU-4.12.4_28-3.77.1.aarch64",
                "product": {
                  "name": "xen-tools-domU-4.12.4_28-3.77.1.aarch64",
                  "product_id": "xen-tools-domU-4.12.4_28-3.77.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "xen-libs-64bit-4.12.4_28-3.77.1.aarch64_ilp32",
                "product": {
                  "name": "xen-libs-64bit-4.12.4_28-3.77.1.aarch64_ilp32",
                  "product_id": "xen-libs-64bit-4.12.4_28-3.77.1.aarch64_ilp32"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64_ilp32"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "xen-devel-4.12.4_28-3.77.1.i586",
                "product": {
                  "name": "xen-devel-4.12.4_28-3.77.1.i586",
                  "product_id": "xen-devel-4.12.4_28-3.77.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "xen-libs-4.12.4_28-3.77.1.i586",
                "product": {
                  "name": "xen-libs-4.12.4_28-3.77.1.i586",
                  "product_id": "xen-libs-4.12.4_28-3.77.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "xen-tools-domU-4.12.4_28-3.77.1.i586",
                "product": {
                  "name": "xen-tools-domU-4.12.4_28-3.77.1.i586",
                  "product_id": "xen-tools-domU-4.12.4_28-3.77.1.i586"
                }
              }
            ],
            "category": "architecture",
            "name": "i586"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "xen-4.12.4_28-3.77.1.x86_64",
                "product": {
                  "name": "xen-4.12.4_28-3.77.1.x86_64",
                  "product_id": "xen-4.12.4_28-3.77.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-devel-4.12.4_28-3.77.1.x86_64",
                "product": {
                  "name": "xen-devel-4.12.4_28-3.77.1.x86_64",
                  "product_id": "xen-devel-4.12.4_28-3.77.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-doc-html-4.12.4_28-3.77.1.x86_64",
                "product": {
                  "name": "xen-doc-html-4.12.4_28-3.77.1.x86_64",
                  "product_id": "xen-doc-html-4.12.4_28-3.77.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-libs-4.12.4_28-3.77.1.x86_64",
                "product": {
                  "name": "xen-libs-4.12.4_28-3.77.1.x86_64",
                  "product_id": "xen-libs-4.12.4_28-3.77.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-libs-32bit-4.12.4_28-3.77.1.x86_64",
                "product": {
                  "name": "xen-libs-32bit-4.12.4_28-3.77.1.x86_64",
                  "product_id": "xen-libs-32bit-4.12.4_28-3.77.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-tools-4.12.4_28-3.77.1.x86_64",
                "product": {
                  "name": "xen-tools-4.12.4_28-3.77.1.x86_64",
                  "product_id": "xen-tools-4.12.4_28-3.77.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-tools-domU-4.12.4_28-3.77.1.x86_64",
                "product": {
                  "name": "xen-tools-domU-4.12.4_28-3.77.1.x86_64",
                  "product_id": "xen-tools-domU-4.12.4_28-3.77.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Software Development Kit 12 SP5",
                "product": {
                  "name": "SUSE Linux Enterprise Software Development Kit 12 SP5",
                  "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-sdk:12:sp5"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 12 SP5",
                "product": {
                  "name": "SUSE Linux Enterprise Server 12 SP5",
                  "product_id": "SUSE Linux Enterprise Server 12 SP5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles:12:sp5"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
                "product": {
                  "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
                  "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles_sap:12:sp5"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-devel-4.12.4_28-3.77.1.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_28-3.77.1.aarch64"
        },
        "product_reference": "xen-devel-4.12.4_28-3.77.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-devel-4.12.4_28-3.77.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_28-3.77.1.x86_64"
        },
        "product_reference": "xen-devel-4.12.4_28-3.77.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-4.12.4_28-3.77.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:xen-4.12.4_28-3.77.1.x86_64"
        },
        "product_reference": "xen-4.12.4_28-3.77.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-doc-html-4.12.4_28-3.77.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:xen-doc-html-4.12.4_28-3.77.1.x86_64"
        },
        "product_reference": "xen-doc-html-4.12.4_28-3.77.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-libs-4.12.4_28-3.77.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:xen-libs-4.12.4_28-3.77.1.x86_64"
        },
        "product_reference": "xen-libs-4.12.4_28-3.77.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-libs-32bit-4.12.4_28-3.77.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:xen-libs-32bit-4.12.4_28-3.77.1.x86_64"
        },
        "product_reference": "xen-libs-32bit-4.12.4_28-3.77.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-tools-4.12.4_28-3.77.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:xen-tools-4.12.4_28-3.77.1.x86_64"
        },
        "product_reference": "xen-tools-4.12.4_28-3.77.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-tools-domU-4.12.4_28-3.77.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:xen-tools-domU-4.12.4_28-3.77.1.x86_64"
        },
        "product_reference": "xen-tools-domU-4.12.4_28-3.77.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-4.12.4_28-3.77.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-4.12.4_28-3.77.1.x86_64"
        },
        "product_reference": "xen-4.12.4_28-3.77.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-doc-html-4.12.4_28-3.77.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-doc-html-4.12.4_28-3.77.1.x86_64"
        },
        "product_reference": "xen-doc-html-4.12.4_28-3.77.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-libs-4.12.4_28-3.77.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-4.12.4_28-3.77.1.x86_64"
        },
        "product_reference": "xen-libs-4.12.4_28-3.77.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-libs-32bit-4.12.4_28-3.77.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-32bit-4.12.4_28-3.77.1.x86_64"
        },
        "product_reference": "xen-libs-32bit-4.12.4_28-3.77.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-tools-4.12.4_28-3.77.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-4.12.4_28-3.77.1.x86_64"
        },
        "product_reference": "xen-tools-4.12.4_28-3.77.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-tools-domU-4.12.4_28-3.77.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-domU-4.12.4_28-3.77.1.x86_64"
        },
        "product_reference": "xen-tools-domU-4.12.4_28-3.77.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-28689",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-28689"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "x86: Speculative vulnerabilities with bare (non-shim) 32-bit PV guests 32-bit x86 PV guest kernels run in ring 1. At the time when Xen was developed, this area of the i386 architecture was rarely used, which is why Xen was able to use it to implement paravirtualisation, Xen\u0027s novel approach to virtualization. In AMD64, Xen had to use a different implementation approach, so Xen does not use ring 1 to support 64-bit guests. With the focus now being on 64-bit systems, and the availability of explicit hardware support for virtualization, fixing speculation issues in ring 1 is not a priority for processor companies. Indirect Branch Restricted Speculation (IBRS) is an architectural x86 extension put together to combat speculative execution sidechannel attacks, including Spectre v2. It was retrofitted in microcode to existing CPUs. For more details on Spectre v2, see: http://xenbits.xen.org/xsa/advisory-254.html However, IBRS does not architecturally protect ring 0 from predictions learnt in ring 1. For more details, see: https://software.intel.com/security-software-guidance/deep-dives/deep-dive-indirect-branch-restricted-speculation Similar situations may exist with other mitigations for other kinds of speculative execution attacks. The situation is quite likely to be similar for speculative execution attacks which have yet to be discovered, disclosed, or mitigated.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP5:xen-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:xen-doc-html-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:xen-libs-32bit-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:xen-libs-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:xen-tools-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:xen-tools-domU-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-doc-html-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-32bit-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-domU-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_28-3.77.1.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_28-3.77.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-28689",
          "url": "https://www.suse.com/security/cve/CVE-2021-28689"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1185104 for CVE-2021-28689",
          "url": "https://bugzilla.suse.com/1185104"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP5:xen-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-doc-html-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-libs-32bit-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-libs-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-tools-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-tools-domU-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-doc-html-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-32bit-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-domU-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_28-3.77.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_28-3.77.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP5:xen-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-doc-html-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-libs-32bit-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-libs-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-tools-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-tools-domU-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-doc-html-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-32bit-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-domU-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_28-3.77.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_28-3.77.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-10-25T13:40:54Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-28689"
    },
    {
      "cve": "CVE-2022-26365",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-26365"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don\u0027t zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). Additionally the granularity of the grant table doesn\u0027t allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend (CVE-2022-33741, CVE-2022-33742).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP5:xen-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:xen-doc-html-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:xen-libs-32bit-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:xen-libs-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:xen-tools-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:xen-tools-domU-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-doc-html-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-32bit-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-domU-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_28-3.77.1.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_28-3.77.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-26365",
          "url": "https://www.suse.com/security/cve/CVE-2022-26365"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200762 for CVE-2022-26365",
          "url": "https://bugzilla.suse.com/1200762"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP5:xen-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-doc-html-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-libs-32bit-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-libs-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-tools-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-tools-domU-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-doc-html-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-32bit-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-domU-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_28-3.77.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_28-3.77.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP5:xen-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-doc-html-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-libs-32bit-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-libs-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-tools-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-tools-domU-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-doc-html-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-32bit-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-domU-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_28-3.77.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_28-3.77.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-10-25T13:40:54Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-26365"
    },
    {
      "cve": "CVE-2022-33740",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-33740"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don\u0027t zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). Additionally the granularity of the grant table doesn\u0027t allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend (CVE-2022-33741, CVE-2022-33742).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP5:xen-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:xen-doc-html-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:xen-libs-32bit-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:xen-libs-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:xen-tools-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:xen-tools-domU-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-doc-html-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-32bit-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-domU-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_28-3.77.1.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_28-3.77.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-33740",
          "url": "https://www.suse.com/security/cve/CVE-2022-33740"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200762 for CVE-2022-33740",
          "url": "https://bugzilla.suse.com/1200762"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP5:xen-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-doc-html-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-libs-32bit-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-libs-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-tools-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-tools-domU-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-doc-html-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-32bit-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-domU-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_28-3.77.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_28-3.77.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP5:xen-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-doc-html-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-libs-32bit-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-libs-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-tools-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-tools-domU-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-doc-html-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-32bit-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-domU-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_28-3.77.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_28-3.77.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-10-25T13:40:54Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-33740"
    },
    {
      "cve": "CVE-2022-33741",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-33741"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don\u0027t zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). Additionally the granularity of the grant table doesn\u0027t allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend (CVE-2022-33741, CVE-2022-33742).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP5:xen-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:xen-doc-html-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:xen-libs-32bit-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:xen-libs-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:xen-tools-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:xen-tools-domU-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-doc-html-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-32bit-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-domU-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_28-3.77.1.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_28-3.77.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-33741",
          "url": "https://www.suse.com/security/cve/CVE-2022-33741"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200762 for CVE-2022-33741",
          "url": "https://bugzilla.suse.com/1200762"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP5:xen-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-doc-html-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-libs-32bit-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-libs-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-tools-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-tools-domU-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-doc-html-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-32bit-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-domU-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_28-3.77.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_28-3.77.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP5:xen-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-doc-html-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-libs-32bit-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-libs-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-tools-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-tools-domU-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-doc-html-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-32bit-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-domU-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_28-3.77.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_28-3.77.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-10-25T13:40:54Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-33741"
    },
    {
      "cve": "CVE-2022-33742",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-33742"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don\u0027t zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). Additionally the granularity of the grant table doesn\u0027t allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend (CVE-2022-33741, CVE-2022-33742).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP5:xen-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:xen-doc-html-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:xen-libs-32bit-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:xen-libs-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:xen-tools-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:xen-tools-domU-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-doc-html-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-32bit-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-domU-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_28-3.77.1.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_28-3.77.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-33742",
          "url": "https://www.suse.com/security/cve/CVE-2022-33742"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200762 for CVE-2022-33742",
          "url": "https://bugzilla.suse.com/1200762"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP5:xen-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-doc-html-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-libs-32bit-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-libs-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-tools-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-tools-domU-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-doc-html-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-32bit-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-domU-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_28-3.77.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_28-3.77.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP5:xen-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-doc-html-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-libs-32bit-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-libs-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-tools-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-tools-domU-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-doc-html-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-32bit-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-domU-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_28-3.77.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_28-3.77.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-10-25T13:40:54Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-33742"
    },
    {
      "cve": "CVE-2022-33746",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-33746"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "P2M pool freeing may take excessively long The P2M pool backing second level address translation for guests may be of significant size. Therefore its freeing may take more time than is reasonable without intermediate preemption checks. Such checking for the need to preempt was so far missing.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP5:xen-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:xen-doc-html-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:xen-libs-32bit-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:xen-libs-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:xen-tools-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:xen-tools-domU-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-doc-html-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-32bit-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-domU-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_28-3.77.1.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_28-3.77.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-33746",
          "url": "https://www.suse.com/security/cve/CVE-2022-33746"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1203806 for CVE-2022-33746",
          "url": "https://bugzilla.suse.com/1203806"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP5:xen-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-doc-html-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-libs-32bit-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-libs-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-tools-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-tools-domU-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-doc-html-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-32bit-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-domU-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_28-3.77.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_28-3.77.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP5:xen-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-doc-html-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-libs-32bit-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-libs-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-tools-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-tools-domU-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-doc-html-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-32bit-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-domU-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_28-3.77.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_28-3.77.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-10-25T13:40:54Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-33746"
    },
    {
      "cve": "CVE-2022-33748",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-33748"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "lock order inversion in transitive grant copy handling As part of XSA-226 a missing cleanup call was inserted on an error handling path. While doing so, locking requirements were not paid attention to. As a result two cooperating guests granting each other transitive grants can cause locks to be acquired nested within one another, but in respectively opposite order. With suitable timing between the involved grant copy operations this may result in the locking up of a CPU.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP5:xen-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:xen-doc-html-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:xen-libs-32bit-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:xen-libs-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:xen-tools-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:xen-tools-domU-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-doc-html-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-32bit-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-domU-4.12.4_28-3.77.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_28-3.77.1.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_28-3.77.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-33748",
          "url": "https://www.suse.com/security/cve/CVE-2022-33748"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1203807 for CVE-2022-33748",
          "url": "https://bugzilla.suse.com/1203807"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP5:xen-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-doc-html-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-libs-32bit-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-libs-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-tools-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-tools-domU-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-doc-html-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-32bit-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-domU-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_28-3.77.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_28-3.77.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP5:xen-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-doc-html-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-libs-32bit-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-libs-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-tools-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:xen-tools-domU-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-doc-html-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-32bit-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-libs-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:xen-tools-domU-4.12.4_28-3.77.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_28-3.77.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:xen-devel-4.12.4_28-3.77.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-10-25T13:40:54Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-33748"
    }
  ]
}

CVE-2022-33740 (GCVE-0-2022-33740)

Vulnerability from cvelistv5

Published

2022-07-05 12:50

Modified

2024-08-03 08:09

Severity ?

CWE

unknown

Summary

Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). Additionally the granularity of the grant table doesn't allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend (CVE-2022-33741, CVE-2022-33742).

References

►

URL

Tags

	https://xenbits.xenproject.org/xsa/advisory-403.txt	x_refsource_MISC
	http://xenbits.xen.org/xsa/advisory-403.html	x_refsource_CONFIRM
	http://www.openwall.com/lists/oss-security/2022/07/05/6	mailing-list, x_refsource_MLIST
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGFTRZ66KQYTSYIRT5FRHF5D6O72NWOP/	vendor-advisory, x_refsource_FEDORA
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RKRXZ4LHGCGMOG24ZCEJNY6R2BTS4S2Q/	vendor-advisory, x_refsource_FEDORA
	https://www.debian.org/security/2022/dsa-5191	vendor-advisory, x_refsource_DEBIAN
	https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html	mailing-list, x_refsource_MLIST

Impacted products

Vendor

Product

Version

►

Linux

Xen

xen

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T08:09:22.628Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://xenbits.xenproject.org/xsa/advisory-403.txt"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://xenbits.xen.org/xsa/advisory-403.html"
          },
          {
            "name": "[oss-security] 20220705 Xen Security Advisory 403 v3 (CVE-2022-26365,CVE-2022-33740,CVE-2022-33741,CVE-2022-33742) - Linux disk/nic frontends data leaks",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/07/05/6"
          },
          {
            "name": "FEDORA-2022-c4ec706488",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGFTRZ66KQYTSYIRT5FRHF5D6O72NWOP/"
          },
          {
            "name": "FEDORA-2022-2c9f8224f8",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RKRXZ4LHGCGMOG24ZCEJNY6R2BTS4S2Q/"
          },
          {
            "name": "DSA-5191",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2022/dsa-5191"
          },
          {
            "name": "[debian-lts-announce] 20221002 [SECURITY] [DLA 3131-1] linux security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Linux",
          "vendor": "Linux",
          "versions": [
            {
              "status": "unknown",
              "version": "consult Xen advisory XSA-403"
            }
          ]
        },
        {
          "product": "xen",
          "vendor": "Xen",
          "versions": [
            {
              "status": "unknown",
              "version": "consult Xen advisory XSA-403"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "{\u0027credit_data\u0027: {\u0027description\u0027: {\u0027description_data\u0027: [{\u0027lang\u0027: \u0027eng\u0027, \u0027value\u0027: \u0027The issue related to not zeroing memory areas used for shared communications\\nwas discovered by Roger Pau Monn\u00e9 of Citrix.\\n\\nThe issue related to leaking contiguous data in granted pages was disclosed\\npublicly.\u0027}]}}}"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don\u0027t zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). Additionally the granularity of the grant table doesn\u0027t allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend (CVE-2022-33741, CVE-2022-33742)."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "description": {
                "description_data": [
                  {
                    "lang": "eng",
                    "value": "An untrusted backend can access data not intended to be shared.  If such\nmappings are made with write permissions the backend could also cause\nmalfunctions and/or crashes to consumers of contiguous data in the shared\npages."
                  }
                ]
              }
            },
            "type": "unknown"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "unknown",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-10-02T18:06:12",
        "orgId": "23aa2041-22e1-471f-9209-9b7396fa234f",
        "shortName": "XEN"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://xenbits.xenproject.org/xsa/advisory-403.txt"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://xenbits.xen.org/xsa/advisory-403.html"
        },
        {
          "name": "[oss-security] 20220705 Xen Security Advisory 403 v3 (CVE-2022-26365,CVE-2022-33740,CVE-2022-33741,CVE-2022-33742) - Linux disk/nic frontends data leaks",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/07/05/6"
        },
        {
          "name": "FEDORA-2022-c4ec706488",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGFTRZ66KQYTSYIRT5FRHF5D6O72NWOP/"
        },
        {
          "name": "FEDORA-2022-2c9f8224f8",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RKRXZ4LHGCGMOG24ZCEJNY6R2BTS4S2Q/"
        },
        {
          "name": "DSA-5191",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2022/dsa-5191"
        },
        {
          "name": "[debian-lts-announce] 20221002 [SECURITY] [DLA 3131-1] linux security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@xen.org",
          "ID": "CVE-2022-33740",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Linux",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "?",
                            "version_value": "consult Xen advisory XSA-403"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Linux"
              },
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "xen",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "?",
                            "version_value": "consult Xen advisory XSA-403"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Xen"
              }
            ]
          }
        },
        "configuration": {
          "configuration_data": {
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "All Linux guests using PV devices are vulnerable in case potentially\nmalicious PV device backends are being used."
                }
              ]
            }
          }
        },
        "credit": {
          "credit_data": {
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The issue related to not zeroing memory areas used for shared communications\nwas discovered by Roger Pau Monn\u00e9 of Citrix.\n\nThe issue related to leaking contiguous data in granted pages was disclosed\npublicly."
                }
              ]
            }
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don\u0027t zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). Additionally the granularity of the grant table doesn\u0027t allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend (CVE-2022-33741, CVE-2022-33742)."
            }
          ]
        },
        "impact": {
          "impact_data": {
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An untrusted backend can access data not intended to be shared.  If such\nmappings are made with write permissions the backend could also cause\nmalfunctions and/or crashes to consumers of contiguous data in the shared\npages."
                }
              ]
            }
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "unknown"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://xenbits.xenproject.org/xsa/advisory-403.txt",
              "refsource": "MISC",
              "url": "https://xenbits.xenproject.org/xsa/advisory-403.txt"
            },
            {
              "name": "http://xenbits.xen.org/xsa/advisory-403.html",
              "refsource": "CONFIRM",
              "url": "http://xenbits.xen.org/xsa/advisory-403.html"
            },
            {
              "name": "[oss-security] 20220705 Xen Security Advisory 403 v3 (CVE-2022-26365,CVE-2022-33740,CVE-2022-33741,CVE-2022-33742) - Linux disk/nic frontends data leaks",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2022/07/05/6"
            },
            {
              "name": "FEDORA-2022-c4ec706488",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IGFTRZ66KQYTSYIRT5FRHF5D6O72NWOP/"
            },
            {
              "name": "FEDORA-2022-2c9f8224f8",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RKRXZ4LHGCGMOG24ZCEJNY6R2BTS4S2Q/"
            },
            {
              "name": "DSA-5191",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2022/dsa-5191"
            },
            {
              "name": "[debian-lts-announce] 20221002 [SECURITY] [DLA 3131-1] linux security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html"
            }
          ]
        },
        "workaround": {
          "workaround_data": {
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "There is no mitigation available other than not using PV devices in case\na backend is suspected to be potentially malicious."
                }
              ]
            }
          }
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "23aa2041-22e1-471f-9209-9b7396fa234f",
    "assignerShortName": "XEN",
    "cveId": "CVE-2022-33740",
    "datePublished": "2022-07-05T12:50:30",
    "dateReserved": "2022-06-15T00:00:00",
    "dateUpdated": "2024-08-03T08:09:22.628Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-33742 (GCVE-0-2022-33742)

Vulnerability from cvelistv5

Published

2022-07-05 12:50

Modified

2024-08-03 08:09

Severity ?

CWE

unknown

Summary

References

►

URL

Tags

	https://xenbits.xenproject.org/xsa/advisory-403.txt	x_refsource_MISC
	http://xenbits.xen.org/xsa/advisory-403.html	x_refsource_CONFIRM
	http://www.openwall.com/lists/oss-security/2022/07/05/6	mailing-list, x_refsource_MLIST
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGFTRZ66KQYTSYIRT5FRHF5D6O72NWOP/	vendor-advisory, x_refsource_FEDORA
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RKRXZ4LHGCGMOG24ZCEJNY6R2BTS4S2Q/	vendor-advisory, x_refsource_FEDORA
	https://www.debian.org/security/2022/dsa-5191	vendor-advisory, x_refsource_DEBIAN
	https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html	mailing-list, x_refsource_MLIST

Impacted products

Vendor

Product

Version

►

Linux

Xen

xen

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T08:09:22.683Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://xenbits.xenproject.org/xsa/advisory-403.txt"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://xenbits.xen.org/xsa/advisory-403.html"
          },
          {
            "name": "[oss-security] 20220705 Xen Security Advisory 403 v3 (CVE-2022-26365,CVE-2022-33740,CVE-2022-33741,CVE-2022-33742) - Linux disk/nic frontends data leaks",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/07/05/6"
          },
          {
            "name": "FEDORA-2022-c4ec706488",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGFTRZ66KQYTSYIRT5FRHF5D6O72NWOP/"
          },
          {
            "name": "FEDORA-2022-2c9f8224f8",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RKRXZ4LHGCGMOG24ZCEJNY6R2BTS4S2Q/"
          },
          {
            "name": "DSA-5191",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2022/dsa-5191"
          },
          {
            "name": "[debian-lts-announce] 20221002 [SECURITY] [DLA 3131-1] linux security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Linux",
          "vendor": "Linux",
          "versions": [
            {
              "status": "unknown",
              "version": "consult Xen advisory XSA-403"
            }
          ]
        },
        {
          "product": "xen",
          "vendor": "Xen",
          "versions": [
            {
              "status": "unknown",
              "version": "consult Xen advisory XSA-403"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "{\u0027credit_data\u0027: {\u0027description\u0027: {\u0027description_data\u0027: [{\u0027lang\u0027: \u0027eng\u0027, \u0027value\u0027: \u0027The issue related to not zeroing memory areas used for shared communications\\nwas discovered by Roger Pau Monn\u00e9 of Citrix.\\n\\nThe issue related to leaking contiguous data in granted pages was disclosed\\npublicly.\u0027}]}}}"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don\u0027t zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). Additionally the granularity of the grant table doesn\u0027t allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend (CVE-2022-33741, CVE-2022-33742)."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "description": {
                "description_data": [
                  {
                    "lang": "eng",
                    "value": "An untrusted backend can access data not intended to be shared.  If such\nmappings are made with write permissions the backend could also cause\nmalfunctions and/or crashes to consumers of contiguous data in the shared\npages."
                  }
                ]
              }
            },
            "type": "unknown"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "unknown",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-10-02T18:06:05",
        "orgId": "23aa2041-22e1-471f-9209-9b7396fa234f",
        "shortName": "XEN"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://xenbits.xenproject.org/xsa/advisory-403.txt"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://xenbits.xen.org/xsa/advisory-403.html"
        },
        {
          "name": "[oss-security] 20220705 Xen Security Advisory 403 v3 (CVE-2022-26365,CVE-2022-33740,CVE-2022-33741,CVE-2022-33742) - Linux disk/nic frontends data leaks",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/07/05/6"
        },
        {
          "name": "FEDORA-2022-c4ec706488",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGFTRZ66KQYTSYIRT5FRHF5D6O72NWOP/"
        },
        {
          "name": "FEDORA-2022-2c9f8224f8",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RKRXZ4LHGCGMOG24ZCEJNY6R2BTS4S2Q/"
        },
        {
          "name": "DSA-5191",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2022/dsa-5191"
        },
        {
          "name": "[debian-lts-announce] 20221002 [SECURITY] [DLA 3131-1] linux security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@xen.org",
          "ID": "CVE-2022-33742",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Linux",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "?",
                            "version_value": "consult Xen advisory XSA-403"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Linux"
              },
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "xen",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "?",
                            "version_value": "consult Xen advisory XSA-403"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Xen"
              }
            ]
          }
        },
        "configuration": {
          "configuration_data": {
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "All Linux guests using PV devices are vulnerable in case potentially\nmalicious PV device backends are being used."
                }
              ]
            }
          }
        },
        "credit": {
          "credit_data": {
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The issue related to not zeroing memory areas used for shared communications\nwas discovered by Roger Pau Monn\u00e9 of Citrix.\n\nThe issue related to leaking contiguous data in granted pages was disclosed\npublicly."
                }
              ]
            }
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don\u0027t zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). Additionally the granularity of the grant table doesn\u0027t allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend (CVE-2022-33741, CVE-2022-33742)."
            }
          ]
        },
        "impact": {
          "impact_data": {
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An untrusted backend can access data not intended to be shared.  If such\nmappings are made with write permissions the backend could also cause\nmalfunctions and/or crashes to consumers of contiguous data in the shared\npages."
                }
              ]
            }
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "unknown"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://xenbits.xenproject.org/xsa/advisory-403.txt",
              "refsource": "MISC",
              "url": "https://xenbits.xenproject.org/xsa/advisory-403.txt"
            },
            {
              "name": "http://xenbits.xen.org/xsa/advisory-403.html",
              "refsource": "CONFIRM",
              "url": "http://xenbits.xen.org/xsa/advisory-403.html"
            },
            {
              "name": "[oss-security] 20220705 Xen Security Advisory 403 v3 (CVE-2022-26365,CVE-2022-33740,CVE-2022-33741,CVE-2022-33742) - Linux disk/nic frontends data leaks",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2022/07/05/6"
            },
            {
              "name": "FEDORA-2022-c4ec706488",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IGFTRZ66KQYTSYIRT5FRHF5D6O72NWOP/"
            },
            {
              "name": "FEDORA-2022-2c9f8224f8",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RKRXZ4LHGCGMOG24ZCEJNY6R2BTS4S2Q/"
            },
            {
              "name": "DSA-5191",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2022/dsa-5191"
            },
            {
              "name": "[debian-lts-announce] 20221002 [SECURITY] [DLA 3131-1] linux security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html"
            }
          ]
        },
        "workaround": {
          "workaround_data": {
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "There is no mitigation available other than not using PV devices in case\na backend is suspected to be potentially malicious."
                }
              ]
            }
          }
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "23aa2041-22e1-471f-9209-9b7396fa234f",
    "assignerShortName": "XEN",
    "cveId": "CVE-2022-33742",
    "datePublished": "2022-07-05T12:50:39",
    "dateReserved": "2022-06-15T00:00:00",
    "dateUpdated": "2024-08-03T08:09:22.683Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-28689 (GCVE-0-2021-28689)

Vulnerability from cvelistv5

Published

2021-06-11 14:53

Modified

2024-08-03 21:47

Severity ?

CWE

unknown

Summary

x86: Speculative vulnerabilities with bare (non-shim) 32-bit PV guests 32-bit x86 PV guest kernels run in ring 1. At the time when Xen was developed, this area of the i386 architecture was rarely used, which is why Xen was able to use it to implement paravirtualisation, Xen's novel approach to virtualization. In AMD64, Xen had to use a different implementation approach, so Xen does not use ring 1 to support 64-bit guests. With the focus now being on 64-bit systems, and the availability of explicit hardware support for virtualization, fixing speculation issues in ring 1 is not a priority for processor companies. Indirect Branch Restricted Speculation (IBRS) is an architectural x86 extension put together to combat speculative execution sidechannel attacks, including Spectre v2. It was retrofitted in microcode to existing CPUs. For more details on Spectre v2, see: http://xenbits.xen.org/xsa/advisory-254.html However, IBRS does not architecturally protect ring 0 from predictions learnt in ring 1. For more details, see: https://software.intel.com/security-software-guidance/deep-dives/deep-dive-indirect-branch-restricted-speculation Similar situations may exist with other mitigations for other kinds of speculative execution attacks. The situation is quite likely to be similar for speculative execution attacks which have yet to be discovered, disclosed, or mitigated.

References

►

URL

Tags

https://xenbits.xenproject.org/xsa/advisory-370.txt

x_refsource_MISC

Impacted products

	Vendor	Product	Version
	Xen	Xen

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T21:47:33.181Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://xenbits.xenproject.org/xsa/advisory-370.txt"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Xen",
          "vendor": "Xen",
          "versions": [
            {
              "lessThan": "4.12",
              "status": "unknown",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "{\u0027credit_data\u0027: {\u0027description\u0027: {\u0027description_data\u0027: [{\u0027lang\u0027: \u0027eng\u0027, \u0027value\u0027: \u0027This issue was discovered by Jann Horn of Google Project Zero.\u0027}]}}}"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "x86: Speculative vulnerabilities with bare (non-shim) 32-bit PV guests 32-bit x86 PV guest kernels run in ring 1. At the time when Xen was developed, this area of the i386 architecture was rarely used, which is why Xen was able to use it to implement paravirtualisation, Xen\u0027s novel approach to virtualization. In AMD64, Xen had to use a different implementation approach, so Xen does not use ring 1 to support 64-bit guests. With the focus now being on 64-bit systems, and the availability of explicit hardware support for virtualization, fixing speculation issues in ring 1 is not a priority for processor companies. Indirect Branch Restricted Speculation (IBRS) is an architectural x86 extension put together to combat speculative execution sidechannel attacks, including Spectre v2. It was retrofitted in microcode to existing CPUs. For more details on Spectre v2, see: http://xenbits.xen.org/xsa/advisory-254.html However, IBRS does not architecturally protect ring 0 from predictions learnt in ring 1. For more details, see: https://software.intel.com/security-software-guidance/deep-dives/deep-dive-indirect-branch-restricted-speculation Similar situations may exist with other mitigations for other kinds of speculative execution attacks. The situation is quite likely to be similar for speculative execution attacks which have yet to be discovered, disclosed, or mitigated."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "description": {
                "description_data": [
                  {
                    "lang": "eng",
                    "value": "A malicious 32-bit guest kernel may be able to mount a Spectre v2 attack\nagainst Xen, despite the presence hardware protections being active.\n\nIt therefore might be able to infer the contents of arbitrary host memory,\nincluding memory assigned to other guests."
                  }
                ]
              }
            },
            "type": "unknown"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "unknown",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-06-11T14:53:06",
        "orgId": "23aa2041-22e1-471f-9209-9b7396fa234f",
        "shortName": "XEN"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://xenbits.xenproject.org/xsa/advisory-370.txt"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@xen.org",
          "ID": "CVE-2021-28689",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Xen",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "?\u003c",
                            "version_value": "4.12"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Xen"
              }
            ]
          }
        },
        "configuration": {
          "configuration_data": {
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Systems running all versions of Xen are affected.\n\nOnly x86 systems are vulnerable, and only CPUs which are potentially\nvulnerable to Spectre v2.  Consult your hardware manufacturer.\n\nThe vulnerability can only be exploited by 32-bit PV guests which are not\nrun in PV-Shim."
                }
              ]
            }
          }
        },
        "credit": {
          "credit_data": {
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "This issue was discovered by Jann Horn of Google Project Zero."
                }
              ]
            }
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "x86: Speculative vulnerabilities with bare (non-shim) 32-bit PV guests 32-bit x86 PV guest kernels run in ring 1. At the time when Xen was developed, this area of the i386 architecture was rarely used, which is why Xen was able to use it to implement paravirtualisation, Xen\u0027s novel approach to virtualization. In AMD64, Xen had to use a different implementation approach, so Xen does not use ring 1 to support 64-bit guests. With the focus now being on 64-bit systems, and the availability of explicit hardware support for virtualization, fixing speculation issues in ring 1 is not a priority for processor companies. Indirect Branch Restricted Speculation (IBRS) is an architectural x86 extension put together to combat speculative execution sidechannel attacks, including Spectre v2. It was retrofitted in microcode to existing CPUs. For more details on Spectre v2, see: http://xenbits.xen.org/xsa/advisory-254.html However, IBRS does not architecturally protect ring 0 from predictions learnt in ring 1. For more details, see: https://software.intel.com/security-software-guidance/deep-dives/deep-dive-indirect-branch-restricted-speculation Similar situations may exist with other mitigations for other kinds of speculative execution attacks. The situation is quite likely to be similar for speculative execution attacks which have yet to be discovered, disclosed, or mitigated."
            }
          ]
        },
        "impact": {
          "impact_data": {
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A malicious 32-bit guest kernel may be able to mount a Spectre v2 attack\nagainst Xen, despite the presence hardware protections being active.\n\nIt therefore might be able to infer the contents of arbitrary host memory,\nincluding memory assigned to other guests."
                }
              ]
            }
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "unknown"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://xenbits.xenproject.org/xsa/advisory-370.txt",
              "refsource": "MISC",
              "url": "https://xenbits.xenproject.org/xsa/advisory-370.txt"
            }
          ]
        },
        "workaround": {
          "workaround_data": {
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Running 32-bit PV guests under PV-Shim avoids the vulnerability when Spectre v2\nprotections are otherwise enabled on the system.\n\nPV shim is available and fully security-supported in all\nsecurity-supported versions of Xen.  Using shim is the recommended\nconfiguration.\n\nNot running 32-bit PV guests avoids the vulnerability."
                }
              ]
            }
          }
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "23aa2041-22e1-471f-9209-9b7396fa234f",
    "assignerShortName": "XEN",
    "cveId": "CVE-2021-28689",
    "datePublished": "2021-06-11T14:53:06",
    "dateReserved": "2021-03-18T00:00:00",
    "dateUpdated": "2024-08-03T21:47:33.181Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-33741 (GCVE-0-2022-33741)

Vulnerability from cvelistv5

Published

2022-07-05 12:50

Modified

2024-08-03 08:09

Severity ?

CWE

unknown

Summary

References

►

URL

Tags

	https://xenbits.xenproject.org/xsa/advisory-403.txt	x_refsource_MISC
	http://xenbits.xen.org/xsa/advisory-403.html	x_refsource_CONFIRM
	http://www.openwall.com/lists/oss-security/2022/07/05/6	mailing-list, x_refsource_MLIST
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGFTRZ66KQYTSYIRT5FRHF5D6O72NWOP/	vendor-advisory, x_refsource_FEDORA
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RKRXZ4LHGCGMOG24ZCEJNY6R2BTS4S2Q/	vendor-advisory, x_refsource_FEDORA
	https://www.debian.org/security/2022/dsa-5191	vendor-advisory, x_refsource_DEBIAN
	https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html	mailing-list, x_refsource_MLIST

Impacted products

Vendor

Product

Version

►

Linux

Xen

xen

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T08:09:22.659Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://xenbits.xenproject.org/xsa/advisory-403.txt"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://xenbits.xen.org/xsa/advisory-403.html"
          },
          {
            "name": "[oss-security] 20220705 Xen Security Advisory 403 v3 (CVE-2022-26365,CVE-2022-33740,CVE-2022-33741,CVE-2022-33742) - Linux disk/nic frontends data leaks",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/07/05/6"
          },
          {
            "name": "FEDORA-2022-c4ec706488",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGFTRZ66KQYTSYIRT5FRHF5D6O72NWOP/"
          },
          {
            "name": "FEDORA-2022-2c9f8224f8",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RKRXZ4LHGCGMOG24ZCEJNY6R2BTS4S2Q/"
          },
          {
            "name": "DSA-5191",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2022/dsa-5191"
          },
          {
            "name": "[debian-lts-announce] 20221002 [SECURITY] [DLA 3131-1] linux security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Linux",
          "vendor": "Linux",
          "versions": [
            {
              "status": "unknown",
              "version": "consult Xen advisory XSA-403"
            }
          ]
        },
        {
          "product": "xen",
          "vendor": "Xen",
          "versions": [
            {
              "status": "unknown",
              "version": "consult Xen advisory XSA-403"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "{\u0027credit_data\u0027: {\u0027description\u0027: {\u0027description_data\u0027: [{\u0027lang\u0027: \u0027eng\u0027, \u0027value\u0027: \u0027The issue related to not zeroing memory areas used for shared communications\\nwas discovered by Roger Pau Monn\u00e9 of Citrix.\\n\\nThe issue related to leaking contiguous data in granted pages was disclosed\\npublicly.\u0027}]}}}"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don\u0027t zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). Additionally the granularity of the grant table doesn\u0027t allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend (CVE-2022-33741, CVE-2022-33742)."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "description": {
                "description_data": [
                  {
                    "lang": "eng",
                    "value": "An untrusted backend can access data not intended to be shared.  If such\nmappings are made with write permissions the backend could also cause\nmalfunctions and/or crashes to consumers of contiguous data in the shared\npages."
                  }
                ]
              }
            },
            "type": "unknown"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "unknown",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-10-02T18:06:06",
        "orgId": "23aa2041-22e1-471f-9209-9b7396fa234f",
        "shortName": "XEN"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://xenbits.xenproject.org/xsa/advisory-403.txt"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://xenbits.xen.org/xsa/advisory-403.html"
        },
        {
          "name": "[oss-security] 20220705 Xen Security Advisory 403 v3 (CVE-2022-26365,CVE-2022-33740,CVE-2022-33741,CVE-2022-33742) - Linux disk/nic frontends data leaks",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/07/05/6"
        },
        {
          "name": "FEDORA-2022-c4ec706488",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGFTRZ66KQYTSYIRT5FRHF5D6O72NWOP/"
        },
        {
          "name": "FEDORA-2022-2c9f8224f8",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RKRXZ4LHGCGMOG24ZCEJNY6R2BTS4S2Q/"
        },
        {
          "name": "DSA-5191",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2022/dsa-5191"
        },
        {
          "name": "[debian-lts-announce] 20221002 [SECURITY] [DLA 3131-1] linux security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@xen.org",
          "ID": "CVE-2022-33741",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Linux",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "?",
                            "version_value": "consult Xen advisory XSA-403"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Linux"
              },
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "xen",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "?",
                            "version_value": "consult Xen advisory XSA-403"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Xen"
              }
            ]
          }
        },
        "configuration": {
          "configuration_data": {
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "All Linux guests using PV devices are vulnerable in case potentially\nmalicious PV device backends are being used."
                }
              ]
            }
          }
        },
        "credit": {
          "credit_data": {
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The issue related to not zeroing memory areas used for shared communications\nwas discovered by Roger Pau Monn\u00e9 of Citrix.\n\nThe issue related to leaking contiguous data in granted pages was disclosed\npublicly."
                }
              ]
            }
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don\u0027t zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). Additionally the granularity of the grant table doesn\u0027t allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend (CVE-2022-33741, CVE-2022-33742)."
            }
          ]
        },
        "impact": {
          "impact_data": {
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An untrusted backend can access data not intended to be shared.  If such\nmappings are made with write permissions the backend could also cause\nmalfunctions and/or crashes to consumers of contiguous data in the shared\npages."
                }
              ]
            }
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "unknown"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://xenbits.xenproject.org/xsa/advisory-403.txt",
              "refsource": "MISC",
              "url": "https://xenbits.xenproject.org/xsa/advisory-403.txt"
            },
            {
              "name": "http://xenbits.xen.org/xsa/advisory-403.html",
              "refsource": "CONFIRM",
              "url": "http://xenbits.xen.org/xsa/advisory-403.html"
            },
            {
              "name": "[oss-security] 20220705 Xen Security Advisory 403 v3 (CVE-2022-26365,CVE-2022-33740,CVE-2022-33741,CVE-2022-33742) - Linux disk/nic frontends data leaks",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2022/07/05/6"
            },
            {
              "name": "FEDORA-2022-c4ec706488",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IGFTRZ66KQYTSYIRT5FRHF5D6O72NWOP/"
            },
            {
              "name": "FEDORA-2022-2c9f8224f8",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RKRXZ4LHGCGMOG24ZCEJNY6R2BTS4S2Q/"
            },
            {
              "name": "DSA-5191",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2022/dsa-5191"
            },
            {
              "name": "[debian-lts-announce] 20221002 [SECURITY] [DLA 3131-1] linux security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html"
            }
          ]
        },
        "workaround": {
          "workaround_data": {
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "There is no mitigation available other than not using PV devices in case\na backend is suspected to be potentially malicious."
                }
              ]
            }
          }
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "23aa2041-22e1-471f-9209-9b7396fa234f",
    "assignerShortName": "XEN",
    "cveId": "CVE-2022-33741",
    "datePublished": "2022-07-05T12:50:33",
    "dateReserved": "2022-06-15T00:00:00",
    "dateUpdated": "2024-08-03T08:09:22.659Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-26365 (GCVE-0-2022-26365)

Vulnerability from cvelistv5

Published

2022-07-05 12:50

Modified

2024-08-03 05:03

Severity ?

CWE

unknown

Summary

References

►

URL

Tags

	https://xenbits.xenproject.org/xsa/advisory-403.txt	x_refsource_MISC
	http://xenbits.xen.org/xsa/advisory-403.html	x_refsource_CONFIRM
	http://www.openwall.com/lists/oss-security/2022/07/05/6	mailing-list, x_refsource_MLIST
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGFTRZ66KQYTSYIRT5FRHF5D6O72NWOP/	vendor-advisory, x_refsource_FEDORA
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RKRXZ4LHGCGMOG24ZCEJNY6R2BTS4S2Q/	vendor-advisory, x_refsource_FEDORA
	https://www.debian.org/security/2022/dsa-5191	vendor-advisory, x_refsource_DEBIAN
	https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html	mailing-list, x_refsource_MLIST

Impacted products

Vendor

Product

Version

►

Linux

Xen

xen

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T05:03:32.784Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://xenbits.xenproject.org/xsa/advisory-403.txt"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://xenbits.xen.org/xsa/advisory-403.html"
          },
          {
            "name": "[oss-security] 20220705 Xen Security Advisory 403 v3 (CVE-2022-26365,CVE-2022-33740,CVE-2022-33741,CVE-2022-33742) - Linux disk/nic frontends data leaks",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/07/05/6"
          },
          {
            "name": "FEDORA-2022-c4ec706488",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGFTRZ66KQYTSYIRT5FRHF5D6O72NWOP/"
          },
          {
            "name": "FEDORA-2022-2c9f8224f8",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RKRXZ4LHGCGMOG24ZCEJNY6R2BTS4S2Q/"
          },
          {
            "name": "DSA-5191",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2022/dsa-5191"
          },
          {
            "name": "[debian-lts-announce] 20221002 [SECURITY] [DLA 3131-1] linux security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Linux",
          "vendor": "Linux",
          "versions": [
            {
              "status": "unknown",
              "version": "consult Xen advisory XSA-403"
            }
          ]
        },
        {
          "product": "xen",
          "vendor": "Xen",
          "versions": [
            {
              "status": "unknown",
              "version": "consult Xen advisory XSA-403"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "{\u0027credit_data\u0027: {\u0027description\u0027: {\u0027description_data\u0027: [{\u0027lang\u0027: \u0027eng\u0027, \u0027value\u0027: \u0027The issue related to not zeroing memory areas used for shared communications\\nwas discovered by Roger Pau Monn\u00e9 of Citrix.\\n\\nThe issue related to leaking contiguous data in granted pages was disclosed\\npublicly.\u0027}]}}}"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don\u0027t zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). Additionally the granularity of the grant table doesn\u0027t allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend (CVE-2022-33741, CVE-2022-33742)."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "description": {
                "description_data": [
                  {
                    "lang": "eng",
                    "value": "An untrusted backend can access data not intended to be shared.  If such\nmappings are made with write permissions the backend could also cause\nmalfunctions and/or crashes to consumers of contiguous data in the shared\npages."
                  }
                ]
              }
            },
            "type": "unknown"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "unknown",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-10-02T18:06:21",
        "orgId": "23aa2041-22e1-471f-9209-9b7396fa234f",
        "shortName": "XEN"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://xenbits.xenproject.org/xsa/advisory-403.txt"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://xenbits.xen.org/xsa/advisory-403.html"
        },
        {
          "name": "[oss-security] 20220705 Xen Security Advisory 403 v3 (CVE-2022-26365,CVE-2022-33740,CVE-2022-33741,CVE-2022-33742) - Linux disk/nic frontends data leaks",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/07/05/6"
        },
        {
          "name": "FEDORA-2022-c4ec706488",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGFTRZ66KQYTSYIRT5FRHF5D6O72NWOP/"
        },
        {
          "name": "FEDORA-2022-2c9f8224f8",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RKRXZ4LHGCGMOG24ZCEJNY6R2BTS4S2Q/"
        },
        {
          "name": "DSA-5191",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2022/dsa-5191"
        },
        {
          "name": "[debian-lts-announce] 20221002 [SECURITY] [DLA 3131-1] linux security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@xen.org",
          "ID": "CVE-2022-26365",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Linux",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "?",
                            "version_value": "consult Xen advisory XSA-403"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Linux"
              },
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "xen",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "?",
                            "version_value": "consult Xen advisory XSA-403"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Xen"
              }
            ]
          }
        },
        "configuration": {
          "configuration_data": {
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "All Linux guests using PV devices are vulnerable in case potentially\nmalicious PV device backends are being used."
                }
              ]
            }
          }
        },
        "credit": {
          "credit_data": {
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The issue related to not zeroing memory areas used for shared communications\nwas discovered by Roger Pau Monn\u00e9 of Citrix.\n\nThe issue related to leaking contiguous data in granted pages was disclosed\npublicly."
                }
              ]
            }
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don\u0027t zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). Additionally the granularity of the grant table doesn\u0027t allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend (CVE-2022-33741, CVE-2022-33742)."
            }
          ]
        },
        "impact": {
          "impact_data": {
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An untrusted backend can access data not intended to be shared.  If such\nmappings are made with write permissions the backend could also cause\nmalfunctions and/or crashes to consumers of contiguous data in the shared\npages."
                }
              ]
            }
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "unknown"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://xenbits.xenproject.org/xsa/advisory-403.txt",
              "refsource": "MISC",
              "url": "https://xenbits.xenproject.org/xsa/advisory-403.txt"
            },
            {
              "name": "http://xenbits.xen.org/xsa/advisory-403.html",
              "refsource": "CONFIRM",
              "url": "http://xenbits.xen.org/xsa/advisory-403.html"
            },
            {
              "name": "[oss-security] 20220705 Xen Security Advisory 403 v3 (CVE-2022-26365,CVE-2022-33740,CVE-2022-33741,CVE-2022-33742) - Linux disk/nic frontends data leaks",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2022/07/05/6"
            },
            {
              "name": "FEDORA-2022-c4ec706488",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IGFTRZ66KQYTSYIRT5FRHF5D6O72NWOP/"
            },
            {
              "name": "FEDORA-2022-2c9f8224f8",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RKRXZ4LHGCGMOG24ZCEJNY6R2BTS4S2Q/"
            },
            {
              "name": "DSA-5191",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2022/dsa-5191"
            },
            {
              "name": "[debian-lts-announce] 20221002 [SECURITY] [DLA 3131-1] linux security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html"
            }
          ]
        },
        "workaround": {
          "workaround_data": {
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "There is no mitigation available other than not using PV devices in case\na backend is suspected to be potentially malicious."
                }
              ]
            }
          }
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "23aa2041-22e1-471f-9209-9b7396fa234f",
    "assignerShortName": "XEN",
    "cveId": "CVE-2022-26365",
    "datePublished": "2022-07-05T12:50:28",
    "dateReserved": "2022-03-02T00:00:00",
    "dateUpdated": "2024-08-03T05:03:32.784Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-33748 (GCVE-0-2022-33748)

Vulnerability from cvelistv5

Published

2022-10-11 00:00

Modified

2024-08-03 08:09

Severity ?

CWE

unknown

Summary

lock order inversion in transitive grant copy handling As part of XSA-226 a missing cleanup call was inserted on an error handling path. While doing so, locking requirements were not paid attention to. As a result two cooperating guests granting each other transitive grants can cause locks to be acquired nested within one another, but in respectively opposite order. With suitable timing between the involved grant copy operations this may result in the locking up of a CPU.

References

►

URL

Tags

	https://xenbits.xenproject.org/xsa/advisory-411.txt
	http://xenbits.xen.org/xsa/advisory-411.html
	http://www.openwall.com/lists/oss-security/2022/10/11/2	mailing-list
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWSC77GS5NATI3TT7FMVPULUPXR635XQ/	vendor-advisory
	https://www.debian.org/security/2022/dsa-5272	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TJOMUNGW6VTK5CZZRLWLVVEOUPEQBRHI/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZVXG7OOOXCX6VIPEMLFDPIPUTFAYWPE/	vendor-advisory
	https://security.gentoo.org/glsa/202402-07	vendor-advisory

Impacted products

	Vendor	Product	Version
	Xen	xen

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T08:09:22.688Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://xenbits.xenproject.org/xsa/advisory-411.txt"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://xenbits.xen.org/xsa/advisory-411.html"
          },
          {
            "name": "[oss-security] 20221011 Xen Security Advisory 411 v3 (CVE-2022-33748) - lock order inversion in transitive grant copy handling",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/10/11/2"
          },
          {
            "name": "FEDORA-2022-5b594b82ac",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWSC77GS5NATI3TT7FMVPULUPXR635XQ/"
          },
          {
            "name": "DSA-5272",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2022/dsa-5272"
          },
          {
            "name": "FEDORA-2022-d80cc73088",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TJOMUNGW6VTK5CZZRLWLVVEOUPEQBRHI/"
          },
          {
            "name": "FEDORA-2022-99af00f60e",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZVXG7OOOXCX6VIPEMLFDPIPUTFAYWPE/"
          },
          {
            "name": "GLSA-202402-07",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202402-07"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "xen",
          "vendor": "Xen",
          "versions": [
            {
              "status": "unknown",
              "version": "consult Xen advisory XSA-411"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "{\u0027credit_data\u0027: {\u0027description\u0027: {\u0027description_data\u0027: [{\u0027lang\u0027: \u0027eng\u0027, \u0027value\u0027: \u0027This issue was discovered by Jan Beulich of SUSE.\u0027}]}}}"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "lock order inversion in transitive grant copy handling As part of XSA-226 a missing cleanup call was inserted on an error handling path. While doing so, locking requirements were not paid attention to. As a result two cooperating guests granting each other transitive grants can cause locks to be acquired nested within one another, but in respectively opposite order. With suitable timing between the involved grant copy operations this may result in the locking up of a CPU."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "description": {
                "description_data": [
                  {
                    "lang": "eng",
                    "value": "Malicious or buggy guest kernels may be able to mount a Denial of\nService (DoS) attack affecting the entire system."
                  }
                ]
              }
            },
            "type": "unknown"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "unknown",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-04T08:07:33.759116",
        "orgId": "23aa2041-22e1-471f-9209-9b7396fa234f",
        "shortName": "XEN"
      },
      "references": [
        {
          "url": "https://xenbits.xenproject.org/xsa/advisory-411.txt"
        },
        {
          "url": "http://xenbits.xen.org/xsa/advisory-411.html"
        },
        {
          "name": "[oss-security] 20221011 Xen Security Advisory 411 v3 (CVE-2022-33748) - lock order inversion in transitive grant copy handling",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/10/11/2"
        },
        {
          "name": "FEDORA-2022-5b594b82ac",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWSC77GS5NATI3TT7FMVPULUPXR635XQ/"
        },
        {
          "name": "DSA-5272",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2022/dsa-5272"
        },
        {
          "name": "FEDORA-2022-d80cc73088",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TJOMUNGW6VTK5CZZRLWLVVEOUPEQBRHI/"
        },
        {
          "name": "FEDORA-2022-99af00f60e",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZVXG7OOOXCX6VIPEMLFDPIPUTFAYWPE/"
        },
        {
          "name": "GLSA-202402-07",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.gentoo.org/glsa/202402-07"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "23aa2041-22e1-471f-9209-9b7396fa234f",
    "assignerShortName": "XEN",
    "cveId": "CVE-2022-33748",
    "datePublished": "2022-10-11T00:00:00",
    "dateReserved": "2022-06-15T00:00:00",
    "dateUpdated": "2024-08-03T08:09:22.688Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-33746 (GCVE-0-2022-33746)

Vulnerability from cvelistv5

Published

2022-10-11 00:00

Modified

2024-08-03 08:09

Severity ?

CWE

unknown

Summary

P2M pool freeing may take excessively long The P2M pool backing second level address translation for guests may be of significant size. Therefore its freeing may take more time than is reasonable without intermediate preemption checks. Such checking for the need to preempt was so far missing.

References

►

URL

Tags

	https://xenbits.xenproject.org/xsa/advisory-410.txt
	http://xenbits.xen.org/xsa/advisory-410.html
	http://www.openwall.com/lists/oss-security/2022/10/11/3	mailing-list
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWSC77GS5NATI3TT7FMVPULUPXR635XQ/	vendor-advisory
	https://www.debian.org/security/2022/dsa-5272	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TJOMUNGW6VTK5CZZRLWLVVEOUPEQBRHI/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZVXG7OOOXCX6VIPEMLFDPIPUTFAYWPE/	vendor-advisory
	https://security.gentoo.org/glsa/202402-07	vendor-advisory

Impacted products

	Vendor	Product	Version
	Xen	xen

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T08:09:22.668Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://xenbits.xenproject.org/xsa/advisory-410.txt"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://xenbits.xen.org/xsa/advisory-410.html"
          },
          {
            "name": "[oss-security] 20221011 Xen Security Advisory 410 v3 (CVE-2022-33746) - P2M pool freeing may take excessively long",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/10/11/3"
          },
          {
            "name": "FEDORA-2022-5b594b82ac",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWSC77GS5NATI3TT7FMVPULUPXR635XQ/"
          },
          {
            "name": "DSA-5272",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2022/dsa-5272"
          },
          {
            "name": "FEDORA-2022-d80cc73088",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TJOMUNGW6VTK5CZZRLWLVVEOUPEQBRHI/"
          },
          {
            "name": "FEDORA-2022-99af00f60e",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZVXG7OOOXCX6VIPEMLFDPIPUTFAYWPE/"
          },
          {
            "name": "GLSA-202402-07",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202402-07"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "xen",
          "vendor": "Xen",
          "versions": [
            {
              "status": "unknown",
              "version": "consult Xen advisory XSA-410"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "{\u0027credit_data\u0027: {\u0027description\u0027: {\u0027description_data\u0027: [{\u0027lang\u0027: \u0027eng\u0027, \u0027value\u0027: \u0027This issue was discovered by Julien Grall of Amazon.\u0027}]}}}"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "P2M pool freeing may take excessively long The P2M pool backing second level address translation for guests may be of significant size. Therefore its freeing may take more time than is reasonable without intermediate preemption checks. Such checking for the need to preempt was so far missing."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "description": {
                "description_data": [
                  {
                    "lang": "eng",
                    "value": "A group of collaborating guests can cause the temporary locking up of a\nCPU, potentially leading to a Denial of Service (DoS) affecting the\nentire host."
                  }
                ]
              }
            },
            "type": "unknown"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "unknown",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-04T08:06:33.274865",
        "orgId": "23aa2041-22e1-471f-9209-9b7396fa234f",
        "shortName": "XEN"
      },
      "references": [
        {
          "url": "https://xenbits.xenproject.org/xsa/advisory-410.txt"
        },
        {
          "url": "http://xenbits.xen.org/xsa/advisory-410.html"
        },
        {
          "name": "[oss-security] 20221011 Xen Security Advisory 410 v3 (CVE-2022-33746) - P2M pool freeing may take excessively long",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/10/11/3"
        },
        {
          "name": "FEDORA-2022-5b594b82ac",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWSC77GS5NATI3TT7FMVPULUPXR635XQ/"
        },
        {
          "name": "DSA-5272",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2022/dsa-5272"
        },
        {
          "name": "FEDORA-2022-d80cc73088",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TJOMUNGW6VTK5CZZRLWLVVEOUPEQBRHI/"
        },
        {
          "name": "FEDORA-2022-99af00f60e",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZVXG7OOOXCX6VIPEMLFDPIPUTFAYWPE/"
        },
        {
          "name": "GLSA-202402-07",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.gentoo.org/glsa/202402-07"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "23aa2041-22e1-471f-9209-9b7396fa234f",
    "assignerShortName": "XEN",
    "cveId": "CVE-2022-33746",
    "datePublished": "2022-10-11T00:00:00",
    "dateReserved": "2022-06-15T00:00:00",
    "dateUpdated": "2024-08-03T08:09:22.668Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

suse-su-2022:3728-1

Vulnerability from csaf_suse

CVE-2022-33740 (GCVE-0-2022-33740)

Vulnerability from cvelistv5

CVE-2022-33742 (GCVE-0-2022-33742)

Vulnerability from cvelistv5

CVE-2021-28689 (GCVE-0-2021-28689)

Vulnerability from cvelistv5

CVE-2022-33741 (GCVE-0-2022-33741)

Vulnerability from cvelistv5

CVE-2022-26365 (GCVE-0-2022-26365)

Vulnerability from cvelistv5

CVE-2022-33748 (GCVE-0-2022-33748)

Vulnerability from cvelistv5

CVE-2022-33746 (GCVE-0-2022-33746)

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature