CVE-2021-28710Improper Privilege Management in XEN

CWE-269Improper Privilege Management4 documents4 sources
Severity
8.8HIGHNVD
EPSS
0.0%
top 86.87%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
XENFedoraproject FedoraDebian XEN
Timeline
PublishedNov 21
Latest updateNov 22

Description

certain VT-d IOMMUs may not work in shared page table mode For efficiency reasons, address translation control structures (page tables) may (and, on suitable hardware, by default will) be shared between CPUs, for second-level translation (EPT), and IOMMUs. These page tables are presently set up to always be 4 levels deep. However, an IOMMU may require the use of just 3 page table levels. In such a configuration the lop level table needs to be stripped before inserting the root table's address in

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:HExploitability: 2.0 | Impact: 6.0

Affected Packages4 packages

CVEListV5xen/xen4.15.xunspecified
Alpinexen/xen< 4.15.1-r1+9
NVDxen/xen4.15.0
debiandebian/xen

Also affects: Fedora 35

🔴Vulnerability Details

2
GHSA
GHSA-ccqw-rpfw-2m25: certain VT-d IOMMUs may not work in shared page table mode For efficiency reasons, address translation control structures (page tables) may (and, on s2021-11-22
OSV
CVE-2021-28710: certain VT-d IOMMUs may not work in shared page table mode For efficiency reasons, address translation control structures (page tables) may (and, on s2021-11-21

📋Vendor Advisories

1
Debian
CVE-2021-28710: xen - certain VT-d IOMMUs may not work in shared page table mode For efficiency reason...2021