Showing 1 - 2 of 2

CVE-2022-23033

Status Candidate

Overview

arm: guest_physmap_remove_page not removing the p2m mappings The functions to remove one or more entries from a guest p2m pagetable on Arm (p2m_remove_mapping, guest_physmap_remove_page, and p2m_set_entry with mfn set to INVALID_MFN) do not actually clear the pagetable entry if the entry doesn't have the valid bit set. It is possible to have a valid pagetable entry without the valid bit set when a guest operating system uses set/way cache maintenance instructions. For instance, a guest issuing a set/way cache maintenance instruction, then calling the XENMEM_decrease_reservation hypercall to give back memory pages to Xen, might be able to retain access to those pages even after Xen started reusing them for other purposes.

Related Files

Gentoo Linux Security Advisory 202208-23: Posted Aug 15, 2022; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 202208-23 - Multiple vulnerabilities have been discovered in Xen, the worst of which could result in remote code execution (guest sandbox escape). Versions less than 4.15.3 are affected.; tags | advisory, remote, vulnerability, code execution; systems | linux, gentoo; advisories | CVE-2021-28694, CVE-2021-28695, CVE-2021-28696, CVE-2021-28697, CVE-2021-28698, CVE-2021-28699, CVE-2021-28700, CVE-2021-28701, CVE-2021-28702, CVE-2021-28710, CVE-2022-21123, CVE-2022-21125, CVE-2022-21166, CVE-2022-23033; SHA-256 | 4b31aee7a5cd625cd40109d4e1ecb336918cb0c69db275257ec143711c990e8e; Download | Favorite | View

Debian Security Advisory 5117-1: Posted Apr 28, 2022; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5117-1 - Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in privilege escalation, denial of service or information leaks.; tags | advisory, denial of service, vulnerability; systems | linux, debian; advisories | CVE-2022-23033, CVE-2022-23034, CVE-2022-23035, CVE-2022-26356, CVE-2022-26357, CVE-2022-26358, CVE-2022-26359, CVE-2022-26360, CVE-2022-26361; SHA-256 | 819f8a49cd9f2ae6dc9a4768afc2e71a91e4114e4c5860d415894bcc9b37f10b; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 274 files
indoushka 182 files
Ubuntu 100 files
Gentoo 32 files
Debian 16 files
malvuln 13 files
Frederik Beimgraben 11 files
Chris Beiter 11 files
Matthias Deeg 11 files
Apple 10 files

File Archives

Systems

AIX (430)
Apple (2,115)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,130)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,599)
HPUX (881)
iOS (390)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,410)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (16,936)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,894)
UNIX (9,463)
UnixWare (188)
Windows (6,782)
Other

CVE-2022-23033

Overview

Related Files

File Archive:

October 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems