CVE-2022-23034

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 25-01-2022 03:15

Last modified: - 19-08-2022 11:59

Total changes: - 8

Description

A PV guest could DoS Xen while unmapping a grant To address XSA-380, reference counting was introduced for grant mappings for the case where a PV guest would have the IOMMU enabled. PV guests can request two forms of mappings. When both are in use for any individual mapping, unmapping of such a mapping can be requested in two steps. The reference count for such a mapping would then mistakenly be decremented twice. Underflow of the counters gets detected, resulting in the triggering of a hypervisor bug check.

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Low

Attack complexity

Local

Attack vector

High

Availability

None

Confidentiality

None

Integrity

Low

Privileges required

Unchanged

Scope

None

User interaction

5.5

Base score

1.8

3.6

Exploitability score

Impact score

Verification logic

Reference

https://xenbits.xenproject.org/xsa/advisory-394.txt
[oss-security] 20220125 Xen Security Advisory 394 v3 (CVE-2022-23034) - A PV guest could DoS Xen while unmapping a grant-Mailing List, Third Party Advisory
FEDORA-2022-0cc3916e08-Mailing List, Third Party Advisory
DSA-5117-Third Party Advisory
GLSA-202208-23-Third Party Advisory

Keywords

CVE-2022-23034

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

NVD

CVE-2022-23034

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures