CVE-2022-33748

Name
CVE-2022-33748
Description
lock order inversion in transitive grant copy handling As part of XSA-226 a missing cleanup call was inserted on an error handling path. While doing so, locking requirements were not paid attention to. As a result two cooperating guests granting each other transitive grants can cause locks to be acquired nested within one another, but in respectively opposite order. With suitable timing between the involved grant copy operations this may result in the locking up of a CPU.
NVD Severity
medium
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
MISC https://xenbits.xenproject.org/xsa/advisory-411.txt
CONFIRM http://xenbits.xen.org/xsa/advisory-411.html
MLIST http://www.openwall.com/lists/oss-security/2022/10/11/2
FEDORA https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XWSC77GS5NATI3TT7FMVPULUPXR635XQ/
DEBIAN https://www.debian.org/security/2022/dsa-5272
FEDORA https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TJOMUNGW6VTK5CZZRLWLVVEOUPEQBRHI/
FEDORA https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YZVXG7OOOXCX6VIPEMLFDPIPUTFAYWPE/

Match rules

CPE URI Source package Min version Max version
cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:* xen >= 4.0 <= None

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
xen 3.16-main 4.16.2-r0 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
xen 3.13-main 4.14.5-r7 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
xen 3.15-main 4.15.4-r0 Natanael Copa <ncopa@alpinelinux.org> fixed
xen 3.14-main 4.15.4-r0 Natanael Copa <ncopa@alpinelinux.org> fixed
xen 3.17-main 4.16.2-r2 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
xen edge-main 4.16.2-r3 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable