Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2022-26363

UNKNOWN
Published 2022-06-09T12:50:13
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2022-26363. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a regular reference count. This scheme is used to maintain invariants required for Xen's safety, e.g. PV guests may not have direct writeable access to pagetables; updates need auditing by Xen. Unfortunately, Xen's safety logic doesn't account for CPU-induced cache non-coherency; cases where the CPU can cause the content of the cache to be different to the content in main memory. In such cases, Xen's safety logic can incorrectly conclude that the contents of a page is safe.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Xen

xen

Affected Versions:

consult Xen advisory XSA-402

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed HIGH

GHSA-j296-h8mh-r88j

Advisory Details

x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a regular reference count. This scheme is used to maintain invariants required for Xen's safety, e.g. PV guests may not have direct writeable access to pagetables; updates need auditing by Xen. Unfortunately, Xen's safety logic doesn't account for CPU-induced cache non-coherency; cases where the CPU can cause the content of the cache to be different to the content in main memory. In such cases, Xen's safety logic can incorrectly conclude that the contents of a page is safe.

CVSS Scoring

CVSS Score

7.5

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2022-26363
WEB https://lists.fedoraproject.org/archives/list/[email protected]/message/OH65U6FTTB5MLH5A6Q3TW7KVCGOG4MYI
WEB https://lists.fedoraproject.org/archives/list/[email protected]/message/RKRXZ4LHGCGMOG24ZCEJNY6R2BTS4S2Q
WEB https://security.gentoo.org/glsa/202208-23
WEB https://www.debian.org/security/2022/dsa-5184
WEB https://xenbits.xenproject.org/xsa/advisory-402.txt
WEB http://www.openwall.com/lists/oss-security/2022/06/09/4
WEB http://xenbits.xen.org/xsa/advisory-402.html

Advisory provided by GitHub Security Advisory Database. Published: June 10, 2022, Modified: June 22, 2022

References

https://xenbits.xenproject.org/xsa/advisory-402.txt
http://xenbits.xen.org/xsa/advisory-402.html
http://www.openwall.com/lists/oss-security/2022/06/09/4
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OH65U6FTTB5MLH5A6Q3TW7KVCGOG4MYI/
https://www.debian.org/security/2022/dsa-5184
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RKRXZ4LHGCGMOG24ZCEJNY6R2BTS4S2Q/
https://security.gentoo.org/glsa/202208-23
Published: 2022-06-09T12:50:13
Last Modified: 2024-08-03T05:03:32.601Z
Copied to clipboard!