Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2022-26356

UNKNOWN
Published 2022-04-05T00:00:00
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2022-26356. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

Racy interactions between dirty vram tracking and paging log dirty hypercalls Activation of log dirty mode done by XEN_DMOP_track_dirty_vram (was named HVMOP_track_dirty_vram before Xen 4.9) is racy with ongoing log dirty hypercalls. A suitably timed call to XEN_DMOP_track_dirty_vram can enable log dirty while another CPU is still in the process of tearing down the structures related to a previously enabled log dirty mode (XEN_DOMCTL_SHADOW_OP_OFF). This is due to lack of mutually exclusive locking between both operations and can lead to entries being added in already freed slots, resulting in a memory leak.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Xen

xen

Affected Versions:

consult Xen advisory XSA-397

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed MODERATE

GHSA-wqf3-h5g7-w9q8

Advisory Details

Racy interactions between dirty vram tracking and paging log dirty hypercalls Activation of log dirty mode done by XEN_DMOP_track_dirty_vram (was named HVMOP_track_dirty_vram before Xen 4.9) is racy with ongoing log dirty hypercalls. A suitably timed call to XEN_DMOP_track_dirty_vram can enable log dirty while another CPU is still in the process of tearing down the structures related to a previously enabled log dirty mode (XEN_DOMCTL_SHADOW_OP_OFF). This is due to lack of mutually exclusive locking between both operations and can lead to entries being added in already freed slots, resulting in a memory leak.

CVSS Scoring

CVSS Score

5.0

CVSS Vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2022-26356
WEB https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6ETPM2OVZZ6KOS2L7QO7SIW6XWT5OW3F
WEB https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UHFSRVLM2JUCPDC2KGB7ETPQYJLCGBLD
WEB https://lists.fedoraproject.org/archives/list/[email protected]/message/6ETPM2OVZZ6KOS2L7QO7SIW6XWT5OW3F
WEB https://lists.fedoraproject.org/archives/list/[email protected]/message/UHFSRVLM2JUCPDC2KGB7ETPQYJLCGBLD
WEB https://security.gentoo.org/glsa/202402-07
WEB https://www.debian.org/security/2022/dsa-5117
WEB https://xenbits.xenproject.org/xsa/advisory-397.txt
WEB http://www.openwall.com/lists/oss-security/2022/04/05/1
WEB http://xenbits.xen.org/xsa/advisory-397.html

Advisory provided by GitHub Security Advisory Database. Published: April 6, 2022, Modified: April 15, 2022

References

https://xenbits.xenproject.org/xsa/advisory-397.txt
http://xenbits.xen.org/xsa/advisory-397.html
http://www.openwall.com/lists/oss-security/2022/04/05/1
https://www.debian.org/security/2022/dsa-5117
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UHFSRVLM2JUCPDC2KGB7ETPQYJLCGBLD/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6ETPM2OVZZ6KOS2L7QO7SIW6XWT5OW3F/
https://security.gentoo.org/glsa/202402-07
Published: 2022-04-05T00:00:00
Last Modified: 2024-08-03T05:03:32.753Z
Copied to clipboard!