CVE-2021-26933
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
An issue was discovered in Xen 4.9 through 4.14.x. On Arm, a guest is allowed to control whether memory accesses are bypassing the cache. This means that Xen needs to ensure that all writes (such as the ones during scrubbing) have reached the memory before handing over the page to a guest. Unfortunately, the operation to clean the cache is happening before checking if the page was scrubbed. Therefore there is no guarantee when all the writes will reach the memory.
Se detectó un problema en Xen versiones 4.9 hasta 4.14.x. En Arm, un invitado puede controlar si los accesos a la memoria pasan por encima de la caché. Esto significa que Xen necesita asegurarse de que todas las escrituras (como las que se producen durante el scrubbing) han llegado a la memoria antes de entregar la página a un invitado. Desgraciadamente, la operación de limpieza de la caché se realiza antes de comprobar si la página ha sido limpiada. Por lo tanto, no existe garantía de que todas las escrituras lleguen a la memoria
CVSS Scores
SSVC
- Decision:-
Timeline
- 2021-02-09 CVE Reserved
- 2021-02-17 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (4)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://xenbits.xen.org/xsa/advisory-364.html | 2023-11-07 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Xen Search vendor "Xen" | Xen Search vendor "Xen" for product "Xen" | >= 4.9.0 <= 4.14.1 Search vendor "Xen" for product "Xen" and version " >= 4.9.0 <= 4.14.1" | arm |
Affected
| ||||||
Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 32 Search vendor "Fedoraproject" for product "Fedora" and version "32" | - |
Affected
| ||||||
Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 33 Search vendor "Fedoraproject" for product "Fedora" and version "33" | - |
Affected
| ||||||
Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 10.0 Search vendor "Debian" for product "Debian Linux" and version "10.0" | - |
Affected
|