4.7 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
1.9 Low
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:N/I:N/A:P
0.0004 Low
EPSS
Percentile
13.3%
Arm guests can cause Dom0 DoS via PV devices When mapping pages of guests
on Arm, dom0 is using an rbtree to keep track of the foreign mappings.
Updating of that rbtree is not always done completely with the related lock
held, resulting in a small race window, which can be used by unprivileged
guests via PV devices to cause inconsistencies of the rbtree. These
inconsistencies can lead to Denial of Service (DoS) of dom0, e.g. by
causing crashes or the inability to perform further mappings of other
guests’ memory pages.
Author | Note |
---|---|
sbeattie | according to the Xen advisory, introduced in 3.13. |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | linux | < 4.15.0-194.205 | UNKNOWN |
ubuntu | 20.04 | noarch | linux | < 5.4.0-128.144 | UNKNOWN |
ubuntu | 22.04 | noarch | linux | < 5.15.0-48.54 | UNKNOWN |
ubuntu | 18.04 | noarch | linux-aws | < 4.15.0-1142.154 | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws | < 5.4.0-1086.93 | UNKNOWN |
ubuntu | 22.04 | noarch | linux-aws | < 5.15.0-1020.24 | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws-5.15 | < 5.15.0-1020.24~20.04.1 | UNKNOWN |
ubuntu | 18.04 | noarch | linux-aws-5.4 | < 5.4.0-1086.93~18.04.1 | UNKNOWN |
ubuntu | 16.04 | noarch | linux-aws-hwe | < 4.15.0-1142.154~16.04.1) Available with Ubuntu Pro or Ubuntu Pro (Infra-only | UNKNOWN |
ubuntu | 20.04 | noarch | linux-azure | < 5.4.0-1094.100 | UNKNOWN |
www.openwall.com/lists/oss-security/2022/07/05/4
xenbits.xen.org/xsa/advisory-406.html
launchpad.net/bugs/cve/CVE-2022-33744
nvd.nist.gov/vuln/detail/CVE-2022-33744
security-tracker.debian.org/tracker/CVE-2022-33744
ubuntu.com/security/notices/USN-5623-1
ubuntu.com/security/notices/USN-5624-1
ubuntu.com/security/notices/USN-5633-1
ubuntu.com/security/notices/USN-5635-1
ubuntu.com/security/notices/USN-5640-1
ubuntu.com/security/notices/USN-5644-1
ubuntu.com/security/notices/USN-5648-1
ubuntu.com/security/notices/USN-5655-1
ubuntu.com/security/notices/USN-5668-1
ubuntu.com/security/notices/USN-5669-1
ubuntu.com/security/notices/USN-5669-2
ubuntu.com/security/notices/USN-5677-1
ubuntu.com/security/notices/USN-5678-1
ubuntu.com/security/notices/USN-5679-1
ubuntu.com/security/notices/USN-5682-1
ubuntu.com/security/notices/USN-5683-1
ubuntu.com/security/notices/USN-5684-1
ubuntu.com/security/notices/USN-5687-1
ubuntu.com/security/notices/USN-5695-1
ubuntu.com/security/notices/USN-5706-1
www.cve.org/CVERecord?id=CVE-2022-33744
xenbits.xen.org/xsa/advisory-406.html
xenbits.xenproject.org/xsa/advisory-406.txt
4.7 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
1.9 Low
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:N/I:N/A:P
0.0004 Low
EPSS
Percentile
13.3%