[XSA-424] Guests can trigger deadlock in Linux netback driver
Severity: Medium
Affected Packages: 2
CVEs: 2
ISSUE DESCRIPTION
The patch for XSA-392 introduced another issue which might result in
a deadlock when trying to free the SKB of a packet dropped due to
the XSA-392 handling (CVE-2022-42328).
Additionally, when dropping packets for other reasons, the same
deadlock could occur if netpoll is active for the interface
the xen-netback driver is connected to (CVE-2022-42329).
IMPACT
A malicious guest could cause Denial of Service (DoS) of the host via
the paravirtualized network interface.
VULNERABLE SYSTEMS
All systems using the Linux kernel based network backend xen-netback
are vulnerable.
Package | Affected Version |
---|---|
pkg:generic/xen | = 6.0 |
pkg:generic/xen | = 6.1-rc |
- ID: XSA-424
- Severity: medium
- Severity from: CVE-2022-42328
- URL: http://xenbits.xen.org/xsa/advisory-424.html
- Published: 2022-12-06T15:15:00 (21 months ago)
- Modified: 2022-12-06T15:15:00 (21 months ago)
- Rights: Xen Project
- Other Advisories:
- ALAS-2023-1706
- ALAS2-2023-1932
- MS:CVE-2022-42328
- MS:CVE-2022-42329
- SUSE-SU-2022:4504-1
- SUSE-SU-2022:4505-1
- SUSE-SU-2022:4566-1
- SUSE-SU-2022:4573-1
- SUSE-SU-2022:4574-1
- SUSE-SU-2022:4585-1
- SUSE-SU-2022:4615-1
- SUSE-SU-2022:4617-1
- SUSE-SU-2023:0134-1
- SUSE-SU-2023:0152-1
- SUSE-SU-2023:0406-1
- USN-5883-1
- USN-5912-1
- USN-5917-1
- USN-5919-1
- USN-5920-1
- USN-5924-1
- USN-5925-1
- USN-5927-1
- USN-5934-1
- USN-5935-1
- USN-5938-1
- USN-5939-1
- USN-5940-1
- USN-5941-1
- USN-5951-1
- USN-5962-1
- USN-5970-1
- USN-5975-1
- USN-5979-1
- USN-6000-1
- USN-6007-1
Source | # ID | Name | URL |
---|---|---|---|
Xen Project | XSA-424 | Security Advisory | http://xenbits.xen.org/xsa/advisory-424.html |
Xen Project | XSA-424 | Signed Security Advisory | http://xenbits.xen.org/xsa/advisory-424.txt |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:generic/xen | | xen | = 6.0 | | | |
Affected | pkg:generic/xen | | xen | = 6.1-rc | | | |