PT-2022-3413 · Xen+1 · Xen+1

Jann Horn

Published

2022-06-09

Updated

2024-06-15

CVE-2022-26362

CVSS v2.0

6.9

Medium

Vector

AV:L/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Xen (affected versions not specified)

Description The issue is related to a race condition in the acquisition of type references in Xen. This condition allows a window where a guest can re-establish a read/write mapping before writeability is prohibited, potentially leading to the execution of arbitrary code. The type reference count scheme is used to maintain safety invariants, such as preventing PV guests from having direct writeable access to pagetables, which require auditing by Xen.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-362

Related Identifiers

BDU:2022-04189

CVE-2022-26362

DSA-5184-1

OPENSUSE-SU-2022_2065-1

OPENSUSE-SU-2022_2296-1

OPENSUSE-SU-2022_2597-1

OPENSUSE-SU-2022_2599-1

OPENSUSE-SU-2024:12219-1

SUSE-SU-2022:2065-1

SUSE-SU-2022:2084-1

SUSE-SU-2022:2158-1

SUSE-SU-2022:2164-1

SUSE-SU-2022:2296-1

SUSE-SU-2022:2560-1

SUSE-SU-2022:2569-1

SUSE-SU-2022:2574-1

SUSE-SU-2022:2591-1

SUSE-SU-2022:2597-1

SUSE-SU-2022:2599-1

SUSE-SU-2022:2599-2

SUSE-SU-2022:2600-1

SUSE-SU-2022:2601-1

SUSE-SU-2022_2084-1

SUSE-SU-2022_2164-1

SUSE-SU-2022_2296-1

Affected Products

Suse

Xen

PT-2022-3413 · Xen+1 · Xen+1

CVE-2022-26362

Weakness Enumeration

Related Identifiers

Affected Products

References · 82