PT-2021-3001 · Linux+4 · Linux Kernel+4

Jan Beulich

·

Published

2021-02-15

·

Updated

2024-03-25

·

CVE-2021-26932

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions 3.2 through 5.10.16
Description An issue was discovered in the Linux kernel, as used by Xen, where grant mapping operations in batch hypercalls are mishandled by Linux backend drivers when running in PV mode. This can lead to errors being ignored or not properly inspected, resulting in successful batch elements not being possible to properly unmap upon error recovery. Only systems with Linux backends running in PV mode are vulnerable, while those running in HVM / PVH modes are not. The issue affects the arch/*/xen/p2m.c and drivers/xen/gntdev.c components.
Recommendations For Linux kernel versions 3.2 through 5.10.16, consider updating to a version that contains a fix for this issue, as no specific workaround is provided for these versions. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-17

Related Identifiers

ALT-PU-2021-1364
ALT-PU-2021-1388
ALT-PU-2021-1417
ALT-PU-2021-1424
ALT-PU-2021-1447
ALT-PU-2021-1621
ALT-PU-2021-1656
ALT-PU-2021-1739
ALT-PU-2021-1862
ALT-PU-2021-1866
ALT-PU-2021-1869
ALT-PU-2021-1870
BDU:2021-02595
CVE-2021-26932
DLA-2586-1
DLA-2610-1
FREEBSD-SA-21_06
MGASA-2021-0099
MGASA-2021-0100
MGASA-2021-0101
MGASA-2021-0102
OESA-2021-1111
OPENSUSE-SU-2021:0393-1
OPENSUSE-SU-2021_0393-1
SUSE-SU-2021:0735-1
SUSE-SU-2021:0736-1
SUSE-SU-2021:0737-1
SUSE-SU-2021:0738-1
SUSE-SU-2021:0740-1
SUSE-SU-2021:0741-1
SUSE-SU-2021:0743-1
SUSE-SU-2021:0744-1
SUSE-SU-2021:1175-1
SUSE-SU-2021:1176-1
SUSE-SU-2021:1210-1

Affected Products

Alt Linux
Astra Linux
Freebsd
Linux Kernel
Suse