Lucene search

PRIOn knowledge basePRION:CVE-2022-23034

HistoryJan 25, 2022 - 2:15 p.m.

Design/Logic Flaw

2022-01-2514:15:00

PRIOn knowledge base

www.prio-n.com

5.4 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

14.4%

JSON

A PV guest could DoS Xen while unmapping a grant To address XSA-380, reference counting was introduced for grant mappings for the case where a PV guest would have the IOMMU enabled. PV guests can request two forms of mappings. When both are in use for any individual mapping, unmapping of such a mapping can be requested in two steps. The reference count for such a mapping would then mistakenly be decremented twice. Underflow of the counters gets detected, resulting in the triggering of a hypervisor bug check.

CPENameOperatorVersion
debian_linuxeq9.0
debian_linuxeq11.0
fedoraeq34
xenge3.2.0
xenlt4.13.0

Name	Operator	Version
debian_linux	eq	9.0
debian_linux	eq	11.0
fedora	eq	34
xen	ge	3.2.0
xen	lt	4.13.0

References

www.openwall.com/lists/oss-security/2022/01/25/3

lists.fedoraproject.org/archives/list/[email protected]/message/OMR6UBGJW6JKND7IILGQ2CU35EQPF3E3/

security.gentoo.org/glsa/202208-23

www.debian.org/security/2022/dsa-5117

xenbits.xenproject.org/xsa/advisory-394.txt