PT-2022-15801 · Xen+1 · Xen+1

Julien Grall · Published 2022-01-25 · Updated 2024-06-15 · CVE-2022-23034

CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: Xen (affected versions not specified)

Description: A PV guest could cause a denial of service (DoS) in Xen while unmapping a grant. This issue arises from the introduction of reference counting for grant mappings when a PV guest has the IOMMU enabled. PV guests can request two forms of mappings, and when both are in use for an individual mapping, unmapping can be requested in two steps. The reference count for such a mapping would then be mistakenly decremented twice, leading to an underflow of the counters. This underflow triggers a hypervisor bug check.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Integer Underflow

Weakness Enumeration

Related Identifiers

CVE-2022-23034
DSA-5117-1
OPENSUSE-SU-2022:0333-1
OPENSUSE-SU-2022_0333-1
OPENSUSE-SU-2024:11781-1
SUSE-SU-2022:0331-1
SUSE-SU-2022:0332-1
SUSE-SU-2022:0333-1
SUSE-SU-2022:0342-1
SUSE-SU-2022:0359-1
SUSE-SU-2022:0467-1
SUSE-SU-2022:0468-1
SUSE-SU-2022:0469-1
SUSE-SU-2022:14886-1
SUSE-SU-2022_0331-1
SUSE-SU-2022_0332-1
SUSE-SU-2022_0342-1
SUSE-SU-2022_0359-1
SUSE-SU-2022_14886-1

Affected Products

Suse
Xen