CVE-2022-23034

Name
CVE-2022-23034
Description
A PV guest could DoS Xen while unmapping a grant To address XSA-380, reference counting was introduced for grant mappings for the case where a PV guest would have the IOMMU enabled. PV guests can request two forms of mappings. When both are in use for any individual mapping, unmapping of such a mapping can be requested in two steps. The reference count for such a mapping would then mistakenly be decremented twice. Underflow of the counters gets detected, resulting in the triggering of a hypervisor bug check.
NVD Severity
medium
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
MISC https://xenbits.xenproject.org/xsa/advisory-394.txt
Mailing List http://www.openwall.com/lists/oss-security/2022/01/25/3
Mailing List https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OMR6UBGJW6JKND7IILGQ2CU35EQPF3E3/
DEBIAN https://www.debian.org/security/2022/dsa-5117
Third Party Advisory https://security.gentoo.org/glsa/202208-23
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OMR6UBGJW6JKND7IILGQ2CU35EQPF3E3/

Match rules

CPE URI Source package Min version Max version
cpe:2.3:o:xen:xen:*:*:*:*:*:*:x86:* xen >= 3.2.0 < 4.13.0

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
xen 3.12-main 4.13.4-r3 Natanael Copa <ncopa@alpinelinux.org> fixed