Lucene search

K
ubuntucveUbuntu.comUB:CVE-2022-33745
HistoryJul 26, 2022 - 12:00 a.m.

CVE-2022-33745

2022-07-2600:00:00
ubuntu.com
ubuntu.com
25
tlb flush
x86 pv guests
shadow mode
migration
xen
code movement

CVSS3

8.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

EPSS

0

Percentile

14.2%

insufficient TLB flush for x86 PV guests in shadow mode For migration as
well as to work around kernels unaware of L1TF (see XSA-273), PV guests may
be run in shadow paging mode. To address XSA-401, code was moved inside a
function in Xen. This code movement missed a variable changing meaning /
value between old and new code positions. The now wrong use of the variable
did lead to a wrong TLB flush condition, omitting flushes where such are
necessary.

Notes

Author Note
mdeslaur hypervisor packages are in universe. For issues in the hypervisor, add appropriate tags to each section, ex: Tags_xen: universe-binary

CVSS3

8.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

EPSS

0

Percentile

14.2%