{"api_version":"1","generated_at":"2026-04-22T21:27:41+00:00","cve":"CVE-2021-28688","urls":{"html":"https://cve.report/CVE-2021-28688","api":"https://cve.report/api/cve/CVE-2021-28688.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2021-28688","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2021-28688"},"summary":{"title":"CVE-2021-28688","description":"The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn't use uninitialized or stale values. This initialization went too far and may under certain conditions also overwrite pointers which are in need of cleaning up. The lack of cleanup would result in leaking persistent grants. The leak in turn would prevent fully cleaning up after a respective guest has died, leaving around zombie domains. All Linux versions having the fix for XSA-365 applied are vulnerable. XSA-365 was classified to affect versions back to at least 3.11.","state":"PUBLIC","assigner":"security@xen.org","published_at":"2021-04-06 19:15:00","updated_at":"2022-05-27 16:46:00"},"problem_types":["CWE-665"],"metrics":[],"references":[{"url":"https://xenbits.xenproject.org/xsa/advisory-371.txt","name":"https://xenbits.xenproject.org/xsa/advisory-371.txt","refsource":"MISC","tags":[],"title":"","mime":"text/plain","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html","name":"[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update","refsource":"MLIST","tags":[],"title":"[SECURITY] [DLA 2689-1] linux security update","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html","name":"[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update","refsource":"MLIST","tags":[],"title":"[SECURITY] [DLA 2690-1] linux-4.19 security update","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2021-28688","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-28688","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[{"source":"LEGACY","value":"Array","lang":""}],"nvd_cpes":[{"cve_year":"2021","cve_id":"28688","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"9.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"28688","vulnerable":"1","versionEndIncluding":"5.10.18","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2021-28688","qid":"159175","title":"Oracle Enterprise Linux Security Update for Unbreakable Enterprise kernel (ELSA-2021-9215)"},{"cve":"CVE-2021-28688","qid":"159177","title":"Oracle Enterprise Linux Security Update for Unbreakable Enterprise kernel (ELSA-2021-9220)"},{"cve":"CVE-2021-28688","qid":"159178","title":"Oracle Enterprise Linux Security Update for Unbreakable Enterprise kernel-container (ELSA-2021-9221)"},{"cve":"CVE-2021-28688","qid":"159179","title":"Oracle Enterprise Linux Security Update for Unbreakable Enterprise kernel (ELSA-2021-9222)"},{"cve":"CVE-2021-28688","qid":"159180","title":"Oracle Enterprise Linux Security Update for Unbreakable Enterprise kernel-container (ELSA-2021-9223)"},{"cve":"CVE-2021-28688","qid":"174896","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2021:1177-1)"},{"cve":"CVE-2021-28688","qid":"174897","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2021:1175-1)"},{"cve":"CVE-2021-28688","qid":"174916","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2021:1210-1)"},{"cve":"CVE-2021-28688","qid":"174917","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2021:1211-1)"},{"cve":"CVE-2021-28688","qid":"174919","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2021:1238-1)"},{"cve":"CVE-2021-28688","qid":"174947","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (SUSE-SU-2021:1341-1)"},{"cve":"CVE-2021-28688","qid":"174950","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 21 for SLE 15) (SUSE-SU-2021:1344-1)"},{"cve":"CVE-2021-28688","qid":"174952","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 23 for SLE 15) (SUSE-SU-2021:1347-1)"},{"cve":"CVE-2021-28688","qid":"174953","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 23 for SLE 15 SP1) (SUSE-SU-2021:1395-1)"},{"cve":"CVE-2021-28688","qid":"174954","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (SUSE-SU-2021:1373-1)"},{"cve":"CVE-2021-28688","qid":"174955","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 17 for SLE 15 SP1) (SUSE-SU-2021:1365-1)"},{"cve":"CVE-2021-28688","qid":"178679","title":"Debian Security Update for linux-4.19 (DLA 2690-1)"},{"cve":"CVE-2021-28688","qid":"178680","title":"Debian Security Update for linux (DLA 2689-1)"},{"cve":"CVE-2021-28688","qid":"180354","title":"Debian Security Update for linux (CVE-2021-28688)"},{"cve":"CVE-2021-28688","qid":"198365","title":"Ubuntu Security Notification for Linux kernel (OEM) vulnerabilities (USN-4948-1)"},{"cve":"CVE-2021-28688","qid":"198371","title":"Ubuntu Security Notification for Linux kernel vulnerabilities (USN-4946-1)"},{"cve":"CVE-2021-28688","qid":"198401","title":"Ubuntu Security Notification for Linux kernel vulnerabilities (USN-4982-1)"},{"cve":"CVE-2021-28688","qid":"198403","title":"Ubuntu Security Notification for Linux kernel vulnerabilities (USN-4984-1)"},{"cve":"CVE-2021-28688","qid":"352274","title":"Amazon Linux Security Advisory for kernel: ALAS2-2021-1627"},{"cve":"CVE-2021-28688","qid":"352366","title":"Amazon Linux Security Advisory for kernel: ALAS-2021-1503"},{"cve":"CVE-2021-28688","qid":"353100","title":"Amazon Linux Security Advisory for kernel : ALAC2012-2021-024"},{"cve":"CVE-2021-28688","qid":"353101","title":"Amazon Linux Security Advisory for kmod-mlx5 : ALAC2012-2021-025"},{"cve":"CVE-2021-28688","qid":"353102","title":"Amazon Linux Security Advisory for kmod-sfc : ALAC2012-2021-026"},{"cve":"CVE-2021-28688","qid":"353149","title":"Amazon Linux Security Advisory for kernel : ALAS2KERNEL-5.4-2022-002"},{"cve":"CVE-2021-28688","qid":"375504","title":"Citrix XenServer Security Updates(CTX306565)"},{"cve":"CVE-2021-28688","qid":"390225","title":"Oracle Managed Virtualization (VM) Server for x86 Security Update for kernel (OVMSA-2021-0016)"},{"cve":"CVE-2021-28688","qid":"6140394","title":"AWS Bottlerocket Security Update for kernel (GHSA-86p4-6h36-c333)"},{"cve":"CVE-2021-28688","qid":"670416","title":"EulerOS Security Update for kernel (EulerOS-SA-2021-1983)"},{"cve":"CVE-2021-28688","qid":"670438","title":"EulerOS Security Update for kernel (EulerOS-SA-2021-2062)"},{"cve":"CVE-2021-28688","qid":"671723","title":"EulerOS Security Update for kernel (EulerOS-SA-2022-1780)"},{"cve":"CVE-2021-28688","qid":"750004","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2021:1573-1)"},{"cve":"CVE-2021-28688","qid":"750006","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2021:1596-1)"},{"cve":"CVE-2021-28688","qid":"750015","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2021:1624-1)"},{"cve":"CVE-2021-28688","qid":"750199","title":"OpenSUSE Security Update for the Linux Kernel (openSUSE-SU-2021:0758-1)"},{"cve":"CVE-2021-28688","qid":"750276","title":"OpenSUSE Security Update for the Linux Kernel (openSUSE-SU-2021:0532-1)"},{"cve":"CVE-2021-28688","qid":"750650","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2021:1975-1)"},{"cve":"CVE-2021-28688","qid":"750652","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2021:1977-1)"},{"cve":"CVE-2021-28688","qid":"750675","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 39 for SLE 12 SP3) (SUSE-SU-2021:2026-1)"},{"cve":"CVE-2021-28688","qid":"750762","title":"OpenSUSE Security Update for the Linux Kernel (openSUSE-SU-2021:1977-1)"},{"cve":"CVE-2021-28688","qid":"750766","title":"OpenSUSE Security Update for the Linux Kernel (openSUSE-SU-2021:1975-1)"},{"cve":"CVE-2021-28688","qid":"751036","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 40 for SLE 12 SP3) (SUSE-SU-2021:2846-1)"},{"cve":"CVE-2021-28688","qid":"751487","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 41 for SLE 12 SP3) (SUSE-SU-2021:4052-1)"},{"cve":"CVE-2021-28688","qid":"751776","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 42 for SLE 12 SP3) (SUSE-SU-2022:0668-1)"},{"cve":"CVE-2021-28688","qid":"751933","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 43 for SLE 12 SP3) (SUSE-SU-2022:1003-1)"},{"cve":"CVE-2021-28688","qid":"752116","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 44 for SLE 12 SP3) (SUSE-SU-2022:1641-1)"},{"cve":"CVE-2021-28688","qid":"752231","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:2082-1)"}]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"security@xen.org","ID":"CVE-2021-28688","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Linux","version":{"version_data":[{"version_affected":"?<","version_value":"4.12"},{"version_affected":">=","version_value":"3.11"},{"version_affected":"!>","version_value":"4.3"}]}},{"product_name":"Linux","version":{"version_data":[{"version_value":"5.11.1"}]}},{"product_name":"Linux","version":{"version_data":[{"version_value":"5.12-rc"}]}},{"product_name":"Linux","version":{"version_data":[{"version_value":"5.10.18"}]}},{"product_name":"Linux","version":{"version_data":[{"version_affected":"?<","version_value":"4.12"},{"version_affected":"?>=","version_value":"4.4"},{"version_affected":"!>","version_value":"5.9"}]}}]},"vendor_name":"Linux"}]}},"configuration":{"configuration_data":{"description":{"description_data":[{"lang":"eng","value":"All Linux versions having the fix for XSA-365 applied are vulnerable.\nXSA-365 was classified to affect versions back to at least 3.11."}]}}},"credit":{"credit_data":{"description":{"description_data":[{"lang":"eng","value":"This issue was discovered by Nicolai Stange of SUSE."}]}}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn't use uninitialized or stale values. This initialization went too far and may under certain conditions also overwrite pointers which are in need of cleaning up. The lack of cleanup would result in leaking persistent grants. The leak in turn would prevent fully cleaning up after a respective guest has died, leaving around zombie domains. All Linux versions having the fix for XSA-365 applied are vulnerable. XSA-365 was classified to affect versions back to at least 3.11."}]},"impact":{"impact_data":{"description":{"description_data":[{"lang":"eng","value":"A malicious or buggy frontend driver may be able to cause resource leaks\nfrom the corresponding backend driver.  This can result in a host-wide\nDenial of Sevice (DoS)."}]}}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"unknown"}]}]},"references":{"reference_data":[{"url":"https://xenbits.xenproject.org/xsa/advisory-371.txt","refsource":"MISC","name":"https://xenbits.xenproject.org/xsa/advisory-371.txt"},{"refsource":"MLIST","name":"[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update","url":"https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"},{"refsource":"MLIST","name":"[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update","url":"https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"}]},"workaround":{"workaround_data":{"description":{"description_data":[{"lang":"eng","value":"Reconfiguring guests to use alternative (e.g. qemu-based) backends may\navoid the vulnerability.\n\nAvoiding the use of persistent grants will also avoid the vulnerability.\nThis can be achieved by passing the \"feature_persistent=0\" module option\nto the xen-blkback driver."}]}}}},"nvd":{"publishedDate":"2021-04-06 19:15:00","lastModifiedDate":"2022-05-27 16:46:00","problem_types":["CWE-665"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":6.5,"baseSeverity":"MEDIUM"},"exploitabilityScore":2,"impactScore":4},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:N/I:N/A:P","accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL","baseScore":2.1},"severity":"LOW","exploitabilityScore":3.9,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.11","versionEndIncluding":"5.10.18","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2021","CveId":"28688","Ordinal":"203864","Title":"CVE-2021-28688","CVE":"CVE-2021-28688","Year":"2021"},"notes":[{"CveYear":"2021","CveId":"28688","Ordinal":"1","NoteData":"The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn't use uninitialized or stale values. This initialization went too far and may under certain conditions also overwrite pointers which are in need of cleaning up. The lack of cleanup would result in leaking persistent grants. The leak in turn would prevent fully cleaning up after a respective guest has died, leaving around zombie domains. All Linux versions having the fix for XSA-365 applied are vulnerable. XSA-365 was classified to affect versions back to at least 3.11.","Type":"Description","Title":null},{"CveYear":"2021","CveId":"28688","Ordinal":"2","NoteData":"2021-04-06","Type":"Other","Title":"Published"},{"CveYear":"2021","CveId":"28688","Ordinal":"3","NoteData":"2021-06-22","Type":"Other","Title":"Modified"}]}}}