race in VT-d domain ID cleanup Xen domain IDs are up to 15 bits wide. VT-d hardware may allow for only less than 15 bits to hold a domain ID associating a physical device with a particular domain. Therefore internally Xen domain IDs are mapped to the smaller value range. The cleaning up of the housekeeping structures has a race, allowing for VT-d domain IDs to be leaked and flushes to be bypassed.
References
Configurations
History
04 Feb 2024, 08:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
07 Nov 2023, 03:44
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
01 Jul 2022, 17:36
Type | Values Removed | Values Added |
---|---|---|
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6ETPM2OVZZ6KOS2L7QO7SIW6XWT5OW3F/ - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UHFSRVLM2JUCPDC2KGB7ETPQYJLCGBLD/ - Mailing List, Third Party Advisory | |
References | (DEBIAN) https://www.debian.org/security/2022/dsa-5117 - Third Party Advisory | |
First Time |
Fedoraproject
Debian debian Linux Debian Fedoraproject fedora |
|
CPE | cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:* |
02 May 2022, 12:16
Type | Values Removed | Values Added |
---|---|---|
References |
|
21 Apr 2022, 23:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
19 Apr 2022, 12:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
14 Apr 2022, 18:26
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 6.2
v3 : 7.0 |
First Time |
Xen xen
Xen |
|
CWE | CWE-362 | |
CPE | cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:* | |
References | (MISC) https://xenbits.xenproject.org/xsa/advisory-399.txt - Vendor Advisory | |
References | (MLIST) http://www.openwall.com/lists/oss-security/2022/04/05/2 - Mailing List, Patch, Third Party Advisory | |
References | (CONFIRM) http://xenbits.xen.org/xsa/advisory-399.html - Patch, Vendor Advisory |
05 Apr 2022, 15:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
05 Apr 2022, 13:21
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-04-05 13:15
Updated : 2024-02-04 08:15
NVD link : CVE-2022-26357
Mitre link : CVE-2022-26357
CVE.ORG link : CVE-2022-26357
JSON object : View
Products Affected
fedoraproject
- fedora
debian
- debian_linux
xen
- xen
CWE
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')