PT-2022-3490 · Xen+8 · Xen+8

Jan Beulich

·

Published

2022-06-15

·

Updated

2023-08-14

·

CVE-2022-33743

CVSS v2.0

9.0

High

VectorAV:N/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Xen (affected versions not specified) Linux (affected versions not specified)
Description The issue is related to insufficient input validation in the Xen hypervisor and Linux kernel, which can be exploited by a remote attacker to execute arbitrary code. The problem lies in the network backend, where a code change to support XDP (eXpress Data Path) allowed SKBs (socket buffers) with retained references to be freed, potentially causing Linux netfront to use freed SKBs.
Recommendations For Xen, consider disabling the network backend functionality until a patch is available. For Linux, restrict access to the netfront module to minimize the risk of exploitation. As a temporary workaround, avoid using the XDP feature in the affected API endpoints until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

ALSA-2023:2148
ALSA-2023:2458
ALT-PU-2022-2050
ALT-PU-2022-2131
ALT-PU-2022-2152
ALT-PU-2022-2155
ALT-PU-2023-1342
ALT-PU-2023-1684
ALT-PU-2023-1741
ALT-PU-2023-1814
ALT-PU-2023-4894
AZL-10107
BDU:2022-04271
CVE-2022-33743
DSA-5191-1
MGASA-2022-0263
MGASA-2022-0264
OESA-2022-1774
OPENSUSE-SU-2022_2520-1
OPENSUSE-SU-2022_2615-1
RHSA-2023:2148
RHSA-2023:2458
RHSA-2023_2148
RHSA-2023_2458
SUSE-SU-2022:2520-1
SUSE-SU-2022:2615-1
SUSE-SU-2022:2854-1
USN-5623-1
USN-5624-1
USN-5633-1
USN-5635-1
USN-5640-1
USN-5644-1
USN-5648-1
USN-5655-1
USN-5683-1
USN-5773-1
USN-5789-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Linux
Linuxmint
Red Hat
Suse
Ubuntu
Xen