CVE-2022-23033Improper Resource Shutdown or Release in XEN

CWE-404Improper Resource Shutdown or ReleaseCWE-863Incorrect Authorization5 documents5 sources
Severity
7.8HIGHNVD
EPSS
0.1%
top 74.22%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
XENDebian XENDebian Linux+1 more
Timeline
PublishedJan 25
Latest updateJan 26

Description

arm: guest_physmap_remove_page not removing the p2m mappings The functions to remove one or more entries from a guest p2m pagetable on Arm (p2m_remove_mapping, guest_physmap_remove_page, and p2m_set_entry with mfn set to INVALID_MFN) do not actually clear the pagetable entry if the entry doesn't have the valid bit set. It is possible to have a valid pagetable entry without the valid bit set when a guest operating system uses set/way cache maintenance instructions. For instance, a guest issuing a

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages3 packages

debiandebian/xen< xen 4.16.0+51-g0941d6cb-1 (bookworm)
Debianxen/xen< 4.14.4+74-gd7b22226b5-1+3
NVDxen/xen

Also affects: Debian Linux 11.0, Fedora 34

Patches

Patch: www.openwall.comPatch: www.openwall.com

🔴Vulnerability Details

2
GHSA
GHSA-74f6-jp2h-2vw3: arm: guest_physmap_remove_page not removing the p2m mappings The functions to remove one or more entries from a guest p2m pagetable on Arm (p2m_remove2022-01-26
OSV
CVE-2022-23033: arm: guest_physmap_remove_page not removing the p2m mappings The functions to remove one or more entries from a guest p2m pagetable on Arm (p2m_remove2022-01-25

📋Vendor Advisories

2
Red Hat
xen: arm: guest_physmap_remove_page not removing the p2m mappings (XSA-393)2022-01-25
Debian
CVE-2022-23033: xen - arm: guest_physmap_remove_page not removing the p2m mappings The functions to re...2022