PT-2022-17812 · Suse · Suse

Jan Beulich

Published

2022-04-05

Updated

2024-06-15

CVE-2022-26360

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions No specific software or versions are mentioned in the provided descriptions.

Description The issue concerns IOMMU (Input-Output Memory Management Unit) handling problems related to RMRR (Reserved Memory Region Reporting) for Intel VT-d and Unity Mapping ranges for AMD-Vi. Certain PCI devices might be assigned Reserved Memory Regions for platform tasks like legacy USB emulation. Since the purpose of these regions is unknown, their mappings need to remain accessible by the device once it's active. However, this requirement has been violated, potentially leading to unpredictable behavior, including IOMMU faults and memory corruption.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2022-26360

DSA-5117-1

OPENSUSE-SU-2022_1506-1

OPENSUSE-SU-2022_2065-1

OPENSUSE-SU-2024:11979-1

SUSE-SU-2022:1285-1

SUSE-SU-2022:1300-1

SUSE-SU-2022:1359-1

SUSE-SU-2022:1375-1

SUSE-SU-2022:1408-1

SUSE-SU-2022:1505-1

SUSE-SU-2022:1506-1

SUSE-SU-2022:2065-1

SUSE-SU-2022:2158-1

SUSE-SU-2022_1505-1

SUSE-SU-2022_1506-1

Affected Products

Suse

PT-2022-17812 · Suse · Suse

CVE-2022-26360

Related Identifiers

Affected Products

References · 64