PT-2022-32974 · Xen+1 · Xen-Netback+1
Published
2022-07-31
·
Updated
2022-07-31
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions
xen/netback versions prior to v5.4.207
Linux Kernel versions v4.9 through v5.4.206
Description
The issue is related to the xen/netback component, specifically with the function xenvif rx next skb(). It is possible to enter this function with an empty rx queue. The actual impact and attack plausibility have not yet been proven.
Recommendations
For xen/netback versions prior to v5.4.207, update to version v5.4.207 or later to resolve the issue.
For Linux Kernel versions v4.9 through v5.4.206, update to version v5.4.207 or later to resolve the issue.
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Linux Kernel
Xen-Netback