CVE-2022-33741

CVSS v3.1 7.1 (High)
CVSS v2.0 3.6 (Low)
EPSS 0.06 % (28th)
Affected Products 4
Advisories 50

Linux disk/nic frontends data leaks

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). Additionally, the granularity of the grant table doesn't allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend (CVE-2022-33741, CVE-2022-33742).

Weaknesses
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
Related CVEs
CVE Status
PUBLISHED
CNA
Xen Project
Published Date
2022-07-05 13:15:08
(2 years ago)
Updated Date
2023-11-07 03:48:21
(10 months ago)

Affected Products

Configuration #1

  Product                  CPE23                              From  Up To
  Fedoraproject Fedora 35  cpe:2.3:o:fedoraproject:fedora:35
  Fedoraproject Fedora 36  cpe:2.3:o:fedoraproject:fedora:36

Configuration #2

  Product            CPE23                                From  Up To
  Debian Linux 10.0  cpe:2.3:o:debian:debian_linux:10.0
  Debian Linux 11.0  cpe:2.3:o:debian:debian_linux:11.0

Configuration #3

  Product                  CPE23                                    From       Up To
  Linux Kernel             cpe:2.3:o:linux:linux_kernel             >= 2.6.13  < 4.9.322
  Linux Kernel             cpe:2.3:o:linux:linux_kernel             >= 4.14    < 4.14.287
  Linux Kernel             cpe:2.3:o:linux:linux_kernel             >= 4.19    < 4.19.251
  Linux Kernel             cpe:2.3:o:linux:linux_kernel             >= 5.4     < 5.4.204
  Linux Kernel             cpe:2.3:o:linux:linux_kernel             >= 5.10    < 5.10.129
  Linux Kernel             cpe:2.3:o:linux:linux_kernel             >= 5.15    < 5.15.53
  Linux Kernel             cpe:2.3:o:linux:linux_kernel             >= 5.18    < 5.18.10
  Linux Kernel 2.6.12 Rc2  cpe:2.3:o:linux:linux_kernel:2.6.12:rc2
  Linux Kernel 2.6.12 Rc3  cpe:2.3:o:linux:linux_kernel:2.6.12:rc3
  Linux Kernel 2.6.12 Rc4  cpe:2.3:o:linux:linux_kernel:2.6.12:rc4
  Linux Kernel 2.6.12 Rc5  cpe:2.3:o:linux:linux_kernel:2.6.12:rc5
  Linux Kernel 2.6.12 Rc6  cpe:2.3:o:linux:linux_kernel:2.6.12:rc6
  Linux Kernel 5.19 Rc1    cpe:2.3:o:linux:linux_kernel:5.19:rc1
  Linux Kernel 5.19 Rc2    cpe:2.3:o:linux:linux_kernel:5.19:rc2
  Linux Kernel 5.19 Rc3    cpe:2.3:o:linux:linux_kernel:5.19:rc3
  Linux Kernel 5.19 Rc4    cpe:2.3:o:linux:linux_kernel:5.19:rc4
  Linux Kernel 5.19 Rc5    cpe:2.3:o:linux:linux_kernel:5.19:rc5
  Xen                      cpe:2.3:o:xen:xen:-