CVE-2021-28702: Improper Privilege Management in XEN

Severity: 7.6 HIGH (NVD)
EPSS: 0.1% (top 83.38%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline
Published: Oct 6
Latest update: May 24

Description

PCI devices with RMRRs not deassigned correctly.

Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved Memory Region Reporting, "RMRR"). These are typically used for platform tasks such as legacy USB emulation. If such a device is passed through to a guest, then on guest shutdown the device is not properly deassigned. The IOMMU configuration for these devices which are not properly deassigned ends up pointing to a freed data structure, including the IO

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Exploitability: 0.9 | Impact: 6.0

Affected Packages (4 packages)

CVEListV5 | xen/xen | 4.12.x | unspecified
debian | debian/xen | < xen 4.14.3+32-g9de3671772-1 (bookworm)
Debian | xen/xen | < 4.14.3+32-g9de3671772-1~deb11u1+3
NVD | xen/xen | 4.13.0 | 4.15.1

Also affects: Debian Linux 9.0, Fedora 33, 34, 35

Vulnerability Details (2)

GHSA (2022-05-24)
GHSA-pcvc-mv96-7jh6: PCI devices with RMRRs not deassigned correctly. Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved Memo
OSV (2021-10-06)
CVE-2021-28702: PCI devices with RMRRs not deassigned correctly. Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved Memo

Vendor Advisories (1)

Debian (2021)
CVE-2021-28702: xen - PCI devices with RMRRs not deassigned correctly. Certain PCI devices in a system ...