An issue was discovered in the Linux kernel 3.2 through 5.10.16, as used by Xen. Grant mapping operations often occur in batch hypercalls, where a number of operations are done in a single hypercall, the success or failure of each one is reported to the backend driver, and the backend driver then loops over the results, performing follow-up actions based on the success or failure of each operation. Unfortunately, when running in PV mode, the Linux backend drivers mishandle this: Some errors are ignored, effectively implying their success from the success of related batch elements. In other cases, errors resulting from one batch element lead to further batch elements not being inspected, and hence successful ones to not be possible to properly unmap upon error recovery. Only systems with Linux backends running in PV mode are vulnerable. Linux backends run in HVM / PVH modes are not vulnerable. This affects arch/*/xen/p2m.c and drivers/xen/gntdev.c.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
AND |
|
History
25 Mar 2024, 01:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
07 Nov 2023, 03:31
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
28 Jul 2022, 17:50
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:hci_h410c:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:solidfire\,_enterprise_sds_\&_hci_storage_node:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:hci_compute_node:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:solidfire_\&_hci_management_node:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:hci_h410c_firmware:-:*:*:*:*:*:*:* |
|
First Time |
Netapp cloud Backup
Netapp solidfire \& Hci Management Node Netapp solidfire\, Enterprise Sds \& Hci Storage Node Netapp Netapp hci H410c Netapp hci Compute Node Netapp hci H410c Firmware |
|
References | (MLIST) https://lists.debian.org/debian-lts-announce/2021/03/msg00035.html - Mailing List, Third Party Advisory |
31 Mar 2021, 00:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
29 Mar 2021, 12:52
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* | |
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20210326-0001/ - Third Party Advisory | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html - Mailing List, Third Party Advisory |
26 Mar 2021, 11:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
09 Mar 2021, 21:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
09 Mar 2021, 20:21
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:* |
|
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GWQWPWYZRXVFJI5M3VCM72X27IB7CKOB/ - Mailing List, Patch, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2XQR52ICKRK3GC4HDWLMWF2U55YGAR63/ - Mailing List, Patch, Third Party Advisory |
27 Feb 2021, 02:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
26 Feb 2021, 03:42
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | |
CWE | NVD-CWE-noinfo | |
CVSS |
v2 : v3 : |
v2 : 1.9
v3 : 5.5 |
References | (MISC) http://xenbits.xen.org/xsa/advisory-361.html - Patch, Third Party Advisory |
17 Feb 2021, 02:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-02-17 02:15
Updated : 2024-03-25 01:15
NVD link : CVE-2021-26932
Mitre link : CVE-2021-26932
CVE.ORG link : CVE-2021-26932
JSON object : View
Products Affected
netapp
- solidfire_\&_hci_management_node
- hci_h410c_firmware
- hci_h410c
- cloud_backup
- solidfire\,_enterprise_sds_\&_hci_storage_node
- hci_compute_node
linux
- linux_kernel
debian
- debian_linux
fedoraproject
- fedora
CWE