5 matches found
CVE-2022-23041
The connected Astra Linux entries link CVE-2022-23041 to Linux PV device frontends (blkfront, netfront, scsifront, gntalloc, xenbus) that use grant-table interfaces to drop backend access. The issue arises from race conditions when removing grant access: if a backend has mapped the granted page b...
CVE-2021-28699
inadequate grant-v2 status frames array bounds check The v2 grant table interface separates grant attributes from grant status. That is, when operating in this mode, a guest has two tables. As a result, guests also need to be able to retrieve the addresses that the new status tracking table can b...
CVE-2021-28699
CVE-2021-28699 affects Xen-based platforms (Citrix Hypervisor and Xen). The issue is an inadequate bounds check in the grant table status path: translation of the grant-status frame numbers can exceed allocated translation space, allowing writes beyond the intended area. Citrix shows this as a ho...
CVE-2021-28699
inadequate grant-v2 status frames array bounds check The v2 grant table interface separates grant attributes from grant status. That is, when operating in this mode, a guest has two tables. As a result, guests also need to be able to retrieve the addresses that the new status tracking table can b...
CVE-2021-28699
inadequate grant-v2 status frames array bounds check The v2 grant table interface separates grant attributes from grant status. That is, when operating in this mode, a guest has two tables. As a result, guests also need to be able to retrieve the addresses that the new status tracking table can b...