CVE-2022-33745
Summary
| CVE | CVE-2022-33745 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2022-07-26 13:15:00 UTC |
| Updated | 2023-11-07 03:48:00 UTC |
| Description | insufficient TLB flush for x86 PV guests in shadow mode. For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in shadow paging mode. To address XSA-401, code was moved inside a function in Xen. This code movement missed a variable changing meaning / value between old and new code positions. The now wrong use of the variable did lead to a wrong TLB flush condition, omitting flushes where such are necessary. |
Risk And Classification
Problem Types: NVD-CWE-noinfo
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Debian | Debian Linux | 11.0 | All | All | All |
| Operating System | Fedoraproject | Fedora | 35 | All | All | All |
| Operating System | Fedoraproject | Fedora | 36 | All | All | All |
| Operating System | Xen | Xen | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| [SECURITY] Fedora 35 Update: xen-4.15.3-4.fc35 - package-announce - Fedora Mailing-Lists | FEDORA | lists.fedoraproject.org | |
| [SECURITY] Fedora 36 Update: xen-4.16.1-8.fc36 - package-announce - Fedora Mailing-Lists | | lists.fedoraproject.org | |
| XSA-408 - Xen Security Advisories | CONFIRM | xenbits.xen.org | |
| oss-security - Xen Security Advisory 408 v3 (CVE-2022-33745) - insufficient TLB flush for x86 PV guests in shadow mode | MLIST | www.openwall.com | |
| [SECURITY] Fedora 35 Update: xen-4.15.3-4.fc35 - package-announce - Fedora Mailing-Lists | | lists.fedoraproject.org | |
| Debian -- Security Information -- DSA-5272-1 xen | DEBIAN | www.debian.org | |
| oss-security - Xen Security Advisory 408 v2 (CVE-2022-33745) - insufficient TLB flush for x86 PV guests in shadow mode | MLIST | www.openwall.com | |
| xenbits.xenproject.org/xsa/advisory-408.txt | MISC | xenbits.xenproject.org | |
| [SECURITY] Fedora 36 Update: xen-4.16.1-8.fc36 - package-announce - Fedora Mailing-Lists | FEDORA | lists.fedoraproject.org | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
Legacy QID Mappings
- 181193 Debian Security Update for xen (DSA 5272-1)
- 183603 Debian Security Update for xen (CVE-2022-33745)
- 282996 Fedora Security Update for xen (FEDORA-2022-4f7cd241e2)
- 283032 Fedora Security Update for xen (FEDORA-2022-a0d7a5eaf2)
- 377767 Citrix XenServer Security Updates (CTX463455)
- 502464 Alpine Linux Security Update for xen
- 502465 Alpine Linux Security Update for xen
- 502816 Alpine Linux Security Update for xen
- 505705 Alpine Linux Security Update for xen
- 752393 SUSE Enterprise Linux Security Update for xen (SUSE-SU-2022:2557-1)
- 752395 SUSE Enterprise Linux Security Update for xen (SUSE-SU-2022:2560-1)
- 752399 SUSE Enterprise Linux Security Update for xen (SUSE-SU-2022:2601-1)
- 752400 SUSE Enterprise Linux Security Update for xen (SUSE-SU-2022:2600-1)
- 752405 SUSE Enterprise Linux Security Update for xen (SUSE-SU-2022:2599-1)
- 752410 SUSE Enterprise Linux Security Update for xen (SUSE-SU-2022:2597-1)
- 752411 SUSE Enterprise Linux Security Update for xen (SUSE-SU-2022:2591-1)
- 752684 SUSE Enterprise Linux Security Update for xen (SUSE-SU-2022:3665-1)