Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:CVE-2022-33745
HistoryJul 26, 2022 - 1:15 p.m.

CVE-2022-33745

2022-07-2613:15:10
Google
osv.dev
18
tlb flush
x86 pv guests
shadow mode
migration
kernels unaware
xsa-273
xsa-401
variable changing

CVSS3

8.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

EPSS

0

Percentile

14.2%

JSON

insufficient TLB flush for x86 PV guests in shadow mode For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in shadow paging mode. To address XSA-401, code was moved inside a function in Xen. This code movement missed a variable changing meaning / value between old and new code positions. The now wrong use of the variable did lead to a wrong TLB flush condition, omitting flushes where such are necessary.

Related

xen 1
fedora 2
debiancve 1
citrix 1
prion 1
nvd 1
cve 1
cvelist 1
veracode 1
ubuntucve 1
alpinelinux 1
openvas 15
osv 2
nessus 11
suse 4
redos 1
debian 1
xen
xen
insufficient TLB flush for x86 PV guests in shadow mode
2022-07-26 10:59:00
fedora
fedora
[SECURITY] Fedora 36 Update: xen-4.16.1-8.fc36
2022-07-31 01:38:27
[SECURITY] Fedora 35 Update: xen-4.15.3-4.fc35
2022-08-12 01:42:28
debiancve
debiancve
CVE-2022-33745
2022-07-26 13:15:10
citrix
citrix
Citrix Hypervisor Security Bulletin for CVE-2022-33745
2022-08-09 10:57:09
prion
prion
Design/Logic Flaw
2022-07-26 13:15:00
nvd
nvd
CVE-2022-33745
2022-07-26 13:15:10
cve
cve
CVE-2022-33745
2022-07-26 13:15:10
cvelist
cvelist
CVE-2022-33745
2022-07-26 00:00:00
veracode
veracode
Denial Of Service (DoS)
2022-08-02 16:49:01
ubuntucve
ubuntucve
CVE-2022-33745
2022-07-26 00:00:00
alpinelinux
alpinelinux
CVE-2022-33745
2022-07-26 13:15:10
openvas
openvas
Fedora: Security Advisory for xen (FEDORA-2022-4f7cd241e2)
2022-08-01 00:00:00
Fedora: Security Advisory for xen (FEDORA-2022-a0d7a5eaf2)
2022-08-13 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:2557-1)
2022-07-28 00:00:00
osv
osv
xen-4.16.1_02-3.1 on GA media
2024-06-15 00:00:00
xen - security update
2022-11-06 00:00:00
nessus
nessus
SUSE SLES12 Security Update : xen (SUSE-SU-2022:2557-1)
2022-07-28 00:00:00
SUSE SLED15 / SLES15 Security Update : xen (SUSE-SU-2022:3665-1)
2022-10-20 00:00:00
SUSE SLES12 Security Update : xen (SUSE-SU-2022:2569-1)
2022-07-28 00:00:00
suse
suse
Security update for xen (important)
2022-10-20 00:00:00
Security update for xen (important)
2022-09-01 00:00:00
Security update for xen (important)
2022-07-29 00:00:00
redos
redos
ROS-20240911-11
2024-09-11 00:00:00
debian
debian
[SECURITY] [DSA 5272-1] xen security update
2022-11-06 20:00:19

CVSS3

8.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

EPSS

0

Percentile

14.2%

JSON
Related for OSV:CVE-2022-33745
xen1fedora2debiancve1citrix1prion1nvd1cve1cvelist1veracode1ubuntucve1alpinelinux1openvas15osv2nessus11suse4redos1debian1