CVE-2022-23034
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A PV guest could DoS Xen while unmapping a grant To address XSA-380, reference counting was introduced for grant mappings for the case where a PV guest would have the IOMMU enabled. PV guests can request two forms of mappings. When both are in use for any individual mapping, unmapping of such a mapping can be requested in two steps. The reference count for such a mapping would then mistakenly be decremented twice. Underflow of the counters gets detected, resulting in the triggering of a hypervisor bug check.
Un huésped PV podría hacer DoS a Xen mientras desmapea una concesión Para abordar XSA-380, fue introducido el recuento de referencias para las asignaciones de concesión para el caso en que un huésped PV tuviera el IOMMU habilitado. Los huéspedes PV pueden solicitar dos formas de mapeo. Cuando ambas están usadas para cualquier mapeo individual, el desmapeo de tal mapeo puede ser solicitado en dos pasos. El conteo de referencia para tal mapeo sería entonces erróneamente decrementado dos veces. Se detecta un desbordamiento de los contadores, resultando en el desencadenamiento de una comprobación de errores del hipervisor
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-01-10 CVE Reserved
- 2022-01-25 CVE Published
- 2023-05-02 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-191: Integer Underflow (Wrap or Wraparound)
CAPEC
References (5)
URL | Tag | Source |
---|---|---|
http://www.openwall.com/lists/oss-security/2022/01/25/3 | Mailing List |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://xenbits.xenproject.org/xsa/advisory-394.txt | 2023-11-07 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Xen Search vendor "Xen" | Xen Search vendor "Xen" for product "Xen" | >= 3.2.0 < 4.13.0 Search vendor "Xen" for product "Xen" and version " >= 3.2.0 < 4.13.0" | x86 |
Affected
| ||||||
Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 34 Search vendor "Fedoraproject" for product "Fedora" and version "34" | - |
Affected
| ||||||
Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 9.0 Search vendor "Debian" for product "Debian Linux" and version "9.0" | - |
Affected
| ||||||
Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 11.0 Search vendor "Debian" for product "Debian Linux" and version "11.0" | - |
Affected
|