CVE-2022-42335

2023-04-2513:15:09

CWE-476

[email protected]

web.nvd.nist.gov

cve-2022-42335

x86

shadow paging

arbitrary pointer dereference

xen

vulnerability

security

nvd

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.3 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

x86 shadow paging arbitrary pointer dereference In environments where host assisted address translation is necessary but Hardware Assisted Paging (HAP) is unavailable, Xen will run guests in so called shadow mode. Due to too lax a check in one of the hypervisor routines used for shadow page handling it is possible for a guest with a PCI device passed through to cause the hypervisor to access an arbitrary pointer partially under guest control.

Affected configurations

NVD

Node

xenxenMatch4.17.0x86

Node

fedoraprojectfedoraMatch38

CPENameOperatorVersion
xen:xenxeneq4.17.0

CPE	Name	Operator	Version
xen:xen	xen	eq	4.17.0

CNA Affected

[
  {
    "vendor": "Xen",
    "product": "xen",
    "versions": [
      {
        "version": "consult Xen advisory XSA-430",
        "status": "unknown"
      }
    ]
  }
]