CVE-2022-26362
Description
x86 pv: Race condition in typeref acquisition Xen maintains a type reference count for pages, in addition to a regular reference count. This scheme is used to maintain invariants required for Xens safety, e.g. PV guests may not have direct writeable access to pagetables; updates need auditing by Xen. Unfortunately, the logic for acquiring a type reference has a race condition, whereby a safely TLB flush is issued too early and creates a window where the guest can re-establish the read/write mapping before writeability is prohibited.
Risk Information
Base Score
6.4
MODERATE
Vector
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.047
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| SUSE-SU-2022:2599-1(SUSE Linux Enterprise Module for Basesystem 15-SP3 ) xen-libs-4.14.5_04-150300.3.32.1.x86_64.rpm | Linux |
| SUSE-SU-2022:2599-1(SUSE Linux Enterprise Module for Basesystem 15-SP3 ) xen-tools-domU-4.14.5_04-150300.3.32.1.x86_64.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234