← Back

CVE-2022-33746

nvd nist
Published: Oct 11, 2022Modified: Nov 21, 2024

JSON object

Loading...
6.5
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Exploitability: 2.0 / Impact: 4.0
Source: NVD

Description

P2M pool freeing may take excessively long The P2M pool backing second level address translation for guests may be of significant size. Therefore its freeing may take more time than is reasonable without intermediate preemption checks. Such checking for the need to preempt was so far missing.

Affected (5)

Xen
1 product
Xen
Fedoraproject
1 product
Fedora
Debian
1 product
Debian Linux
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Xen
From 4.13.0 to 4.16.1
Configuration B
3 vulnerable
Vulnerable SoftwareAffected Versions
Fedoraproject
Fedora
Version 35
Fedora
Version 36
Fedora
Version 37
Configuration C
1 vulnerable
Vulnerable SoftwareAffected Versions
Debian Linux
Version 11.0

Related CWEs

CWE-404
Improper Resource Shutdown or Release
The product does not release or incorrectly releases a resource before it is made available for re-use.

References (16)

Source: security@xen.org
Mailing ListMitigationPatchThird Party Advisory
Source: security@xen.org
MitigationPatchVendor Advisory
Source: security@xen.org
Source: security@xen.org
Source: security@xen.org
Source: security@xen.org
Source: security@xen.org
Third Party Advisory
Source: security@xen.org
MitigationPatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListMitigationPatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
MitigationPatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
MitigationPatchVendor Advisory

Timeline

No history available yet.