mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
126 lines
4.4 KiB
JSON
126 lines
4.4 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "security@xen.org",
|
|
"ID": "CVE-2022-33743",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "Linux",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_affected": "?",
|
|
"version_value": "consult Xen advisory XSA-405"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "Linux"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"configuration": {
|
|
"configuration_data": {
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Linux versions 5.9 - 5.18 are vulnerable. Linux versions 5.8 and\nearlier are not vulnerable.\n\nThis vulnerability only increases the capability of an attacker in systems\nwith less than fully privileged network backends (e.g. network driver\ndomains). For systems where netback runs in dom0 (the default\nconfiguration), this vulnerability does not increase the capabilities of\nan attacker."
|
|
}
|
|
]
|
|
}
|
|
}
|
|
},
|
|
"credit": {
|
|
"credit_data": {
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "This issue was discovered by Jan Beulich of SUSE."
|
|
}
|
|
]
|
|
}
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "network backend may cause Linux netfront to use freed SKBs While adding logic to support XDP (eXpress Data Path), a code label was moved in a way allowing for SKBs having references (pointers) retained for further processing to nevertheless be freed."
|
|
}
|
|
]
|
|
},
|
|
"impact": {
|
|
"impact_data": {
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "A misbehaving or malicious backend may cause a Denial of Service (DoS)\nin the guest. Information leaks or privilege escalation cannot be\nruled out."
|
|
}
|
|
]
|
|
}
|
|
}
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "unknown"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "https://xenbits.xenproject.org/xsa/advisory-405.txt",
|
|
"refsource": "MISC",
|
|
"name": "https://xenbits.xenproject.org/xsa/advisory-405.txt"
|
|
},
|
|
{
|
|
"refsource": "CONFIRM",
|
|
"name": "http://xenbits.xen.org/xsa/advisory-405.html",
|
|
"url": "http://xenbits.xen.org/xsa/advisory-405.html"
|
|
},
|
|
{
|
|
"refsource": "MLIST",
|
|
"name": "[oss-security] 20220705 Xen Security Advisory 405 v3 (CVE-2022-33743) - network backend may cause Linux netfront to use freed SKBs",
|
|
"url": "http://www.openwall.com/lists/oss-security/2022/07/05/5"
|
|
},
|
|
{
|
|
"refsource": "DEBIAN",
|
|
"name": "DSA-5191",
|
|
"url": "https://www.debian.org/security/2022/dsa-5191"
|
|
}
|
|
]
|
|
},
|
|
"workaround": {
|
|
"workaround_data": {
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "There is no mitigation available other than not using PV devices in case\na backend is suspected to be potentially malicious."
|
|
}
|
|
]
|
|
}
|
|
}
|
|
}
|
|
} |