CVE-2022-42329
Summary
| CVE | CVE-2022-42329 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2022-12-07 01:15:00 UTC |
|---|
| Updated | 2023-01-10 19:39:00 UTC |
|---|
| Description | Guests can trigger deadlock in Linux netback driver T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] The patch for XSA-392 introduced another issue which might result in a deadlock when trying to free the SKB of a packet dropped due to the XSA-392 handling (CVE-2022-42328). Additionally when dropping packages for other reasons the same deadlock could occur in case of netpoll being active for the interface the xen-netback driver is connected to (CVE-2022-42329). |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| oss-security - Re: Xen Security Advisory 424 v1 (CVE-2022-42328,CVE-2022-42329) -
Guests can trigger deadlock in Linux netback driver |
MLIST |
www.openwall.com |
|
| [SECURITY] [DLA 3245-1] linux security update |
MLIST |
lists.debian.org |
|
| oss-security - Re: Xen Security Advisory 424 v1 (CVE-2022-42328,CVE-2022-42329) -
Guests can trigger deadlock in Linux netback driver |
MLIST |
www.openwall.com |
|
| oss-security - Re: Xen Security Advisory 424 v1 (CVE-2022-42328,CVE-2022-42329) -
Guests can trigger deadlock in Linux netback driver |
MLIST |
www.openwall.com |
|
| [SECURITY] [DLA 3244-1] linux-5.10 security update |
MLIST |
lists.debian.org |
|
| xenbits.xenproject.org/xsa/advisory-424.txt |
MISC |
xenbits.xenproject.org |
|
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 181437 Debian Security Update for linux (CVE-2022-42329)
- 181440 Debian Security Update for linux-5.10 (DLA 3244-1)
- 181565 Debian Security Update for linux (DLA 3245-1)
- 199209 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5912-1)
- 199212 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5917-1)
- 199214 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5920-1)
- 199217 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5925-1)
- 199218 Ubuntu Security Notification for Linux kernel (Azure) Vulnerabilities (USN-5927-1)
- 199223 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5935-1)
- 199224 Ubuntu Security Notification for Linux kernel (Raspberry Pi) Vulnerabilities (USN-5934-1)
- 199226 Ubuntu Security Notification for Linux kernel (GCP) Vulnerabilities (USN-5939-1)
- 199227 Ubuntu Security Notification for Linux kernel (GKE) Vulnerabilities (USN-5938-1)
- 199229 Ubuntu Security Notification for Linux kernel (KVM) Vulnerabilities (USN-5941-1)
- 199230 Ubuntu Security Notification for Linux kernel (Raspberry Pi) Vulnerabilities (USN-5940-1)
- 199239 Ubuntu Security Notification for Linux kernel (IBM) Vulnerabilities (USN-5951-1)
- 199243 Ubuntu Security Notification for Linux kernel (Intel IoTG) Vulnerabilities (USN-5962-1)
- 199251 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5970-1)
- 199258 Ubuntu Security Notification for Linux kernel (HWE) Vulnerabilities (USN-5979-1)
- 199276 Ubuntu Security Notification for Linux kernel (BlueField) Vulnerabilities (USN-6000-1)
- 199502 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5975-1)
- 199541 Ubuntu Security Notification for Linux kernel (Azure) Vulnerabilities (USN-5924-1)
- 199566 Ubuntu Security Notification for Linux kernel (GCP) Vulnerabilities (USN-6007-1)
- 199581 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5919-1)
- 355199 Amazon Linux Security Advisory for kernel : ALAS2023-2023-070
- 378468 Alibaba Cloud Linux Security Update for cloud-kernel (ALINUX3-SA-20230042)
- 378512 Alibaba Cloud Linux Security Update for cloud-kernel (ALINUX3-SA-2023:0042)
- 753014 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:4505-1)
- 753020 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:4585-1)
- 753034 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:4504-1)
- 753038 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:4573-1)
- 753039 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:4574-1)
- 753047 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:4566-1)
- 753060 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:4615-1)
- 753063 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:4617-1)
- 753562 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:0134-1)
- 753583 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:0152-1)
- 753688 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:0406-1)
- 904673 Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (11590)
- 904676 Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (11584)
- 906227 Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (11590-2)
- 906397 Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (11584-2)
- 906570 Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (11590-4)
