{"api_version":"1","generated_at":"2026-04-22T23:53:03+00:00","cve":"CVE-2022-33745","urls":{"html":"https://cve.report/CVE-2022-33745","api":"https://cve.report/api/cve/CVE-2022-33745.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2022-33745","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2022-33745"},"summary":{"title":"CVE-2022-33745","description":"insufficient TLB flush for x86 PV guests in shadow mode For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in shadow paging mode. To address XSA-401, code was moved inside a function in Xen. This code movement missed a variable changing meaning / value between old and new code positions. The now wrong use of the variable did lead to a wrong TLB flush condition, omitting flushes where such are necessary.","state":"PUBLIC","assigner":"security@xen.org","published_at":"2022-07-26 13:15:00","updated_at":"2023-11-07 03:48:00"},"problem_types":["NVD-CWE-noinfo"],"metrics":[],"references":[{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MYI3OMJ7RIZNL3C6GUWNANNPEUUID6FM/","name":"FEDORA-2022-a0d7a5eaf2","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 35 Update: xen-4.15.3-4.fc35 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HUFIMNGYP5VQAA6KE3T2I5GW6UP6F7BS/","name":"FEDORA-2022-4f7cd241e2","refsource":"","tags":[],"title":"[SECURITY] Fedora 36 Update: xen-4.16.1-8.fc36 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://xenbits.xen.org/xsa/advisory-408.html","name":"http://xenbits.xen.org/xsa/advisory-408.html","refsource":"CONFIRM","tags":[],"title":"XSA-408 - Xen Security Advisories","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://www.openwall.com/lists/oss-security/2022/07/26/3","name":"[oss-security] 20220726 Xen Security Advisory 408 v3 (CVE-2022-33745) - insufficient TLB flush for x86 PV guests in shadow mode","refsource":"MLIST","tags":[],"title":"oss-security - Xen Security Advisory 408 v3 (CVE-2022-33745) - insufficient TLB\n flush for x86 PV guests in shadow mode","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MYI3OMJ7RIZNL3C6GUWNANNPEUUID6FM/","name":"FEDORA-2022-a0d7a5eaf2","refsource":"","tags":[],"title":"[SECURITY] Fedora 35 Update: xen-4.15.3-4.fc35 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.debian.org/security/2022/dsa-5272","name":"DSA-5272","refsource":"DEBIAN","tags":[],"title":"Debian -- Security Information -- DSA-5272-1 xen","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://www.openwall.com/lists/oss-security/2022/07/26/2","name":"[oss-security] 20220726 Xen Security Advisory 408 v2 (CVE-2022-33745) - insufficient TLB flush for x86 PV guests in shadow mode","refsource":"MLIST","tags":[],"title":"oss-security - Xen Security Advisory 408 v2 (CVE-2022-33745) - insufficient TLB\n flush for x86 PV guests in shadow mode","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://xenbits.xenproject.org/xsa/advisory-408.txt","name":"https://xenbits.xenproject.org/xsa/advisory-408.txt","refsource":"MISC","tags":[],"title":"","mime":"text/plain","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HUFIMNGYP5VQAA6KE3T2I5GW6UP6F7BS/","name":"FEDORA-2022-4f7cd241e2","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 36 Update: xen-4.16.1-8.fc36 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2022-33745","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-33745","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[{"source":"LEGACY","value":"Array","lang":""}],"nvd_cpes":[{"cve_year":"2022","cve_id":"33745","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"11.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"33745","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"35","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"33745","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"36","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"33745","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"xen","cpe5":"xen","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"x86","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2022-33745","qid":"181193","title":"Debian Security Update for xen (DSA 5272-1)"},{"cve":"CVE-2022-33745","qid":"183603","title":"Debian Security Update for xen (CVE-2022-33745)"},{"cve":"CVE-2022-33745","qid":"282996","title":"Fedora Security Update for xen (FEDORA-2022-4f7cd241e2)"},{"cve":"CVE-2022-33745","qid":"283032","title":"Fedora Security Update for xen (FEDORA-2022-a0d7a5eaf2)"},{"cve":"CVE-2022-33745","qid":"377767","title":"Citrix XenServer Security Updates (CTX463455)"},{"cve":"CVE-2022-33745","qid":"502464","title":"Alpine Linux Security Update for xen"},{"cve":"CVE-2022-33745","qid":"502465","title":"Alpine Linux Security Update for xen"},{"cve":"CVE-2022-33745","qid":"502816","title":"Alpine Linux Security Update for xen"},{"cve":"CVE-2022-33745","qid":"505705","title":"Alpine Linux Security Update for xen"},{"cve":"CVE-2022-33745","qid":"752393","title":"SUSE Enterprise Linux Security Update for xen (SUSE-SU-2022:2557-1)"},{"cve":"CVE-2022-33745","qid":"752395","title":"SUSE Enterprise Linux Security Update for xen (SUSE-SU-2022:2560-1)"},{"cve":"CVE-2022-33745","qid":"752399","title":"SUSE Enterprise Linux Security Update for xen (SUSE-SU-2022:2601-1)"},{"cve":"CVE-2022-33745","qid":"752400","title":"SUSE Enterprise Linux Security Update for xen (SUSE-SU-2022:2600-1)"},{"cve":"CVE-2022-33745","qid":"752405","title":"SUSE Enterprise Linux Security Update for xen (SUSE-SU-2022:2599-1)"},{"cve":"CVE-2022-33745","qid":"752410","title":"SUSE Enterprise Linux Security Update for xen (SUSE-SU-2022:2597-1)"},{"cve":"CVE-2022-33745","qid":"752411","title":"SUSE Enterprise Linux Security Update for xen (SUSE-SU-2022:2591-1)"},{"cve":"CVE-2022-33745","qid":"752684","title":"SUSE Enterprise Linux Security Update for xen (SUSE-SU-2022:3665-1)"}]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"security@xen.org","ID":"CVE-2022-33745","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"xen","version":{"version_data":[{"version_affected":"?","version_value":"consult Xen advisory XSA-408"}]}}]},"vendor_name":"Xen"}]}},"configuration":{"configuration_data":{"description":{"description_data":[{"lang":"eng","value":"All versions of Xen with the XSA-401 fixes applied are vulnerable.\n\nOnly x86 PV guests can trigger this vulnerability, and only when running\nin shadow mode.  Shadow mode would be in use when migrating guests or as\na workaround for XSA-273 (L1TF)."}]}}},"credit":{"credit_data":{"description":{"description_data":[{"lang":"eng","value":"This issue was discovered by Charles Arnold of SUSE."}]}}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"insufficient TLB flush for x86 PV guests in shadow mode For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in shadow paging mode. To address XSA-401, code was moved inside a function in Xen. This code movement missed a variable changing meaning / value between old and new code positions. The now wrong use of the variable did lead to a wrong TLB flush condition, omitting flushes where such are necessary."}]},"impact":{"impact_data":{"description":{"description_data":[{"lang":"eng","value":"The known (observed) impact would be a Denial of Service (DoS) affecting\nthe entire host, due to running out of memory.  Privilege escalation and\ninformation leaks cannot be ruled out."}]}}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"unknown"}]}]},"references":{"reference_data":[{"url":"https://xenbits.xenproject.org/xsa/advisory-408.txt","refsource":"MISC","name":"https://xenbits.xenproject.org/xsa/advisory-408.txt"},{"refsource":"CONFIRM","name":"http://xenbits.xen.org/xsa/advisory-408.html","url":"http://xenbits.xen.org/xsa/advisory-408.html"},{"refsource":"MLIST","name":"[oss-security] 20220726 Xen Security Advisory 408 v2 (CVE-2022-33745) - insufficient TLB flush for x86 PV guests in shadow mode","url":"http://www.openwall.com/lists/oss-security/2022/07/26/2"},{"refsource":"MLIST","name":"[oss-security] 20220726 Xen Security Advisory 408 v3 (CVE-2022-33745) - insufficient TLB flush for x86 PV guests in shadow mode","url":"http://www.openwall.com/lists/oss-security/2022/07/26/3"},{"refsource":"FEDORA","name":"FEDORA-2022-4f7cd241e2","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HUFIMNGYP5VQAA6KE3T2I5GW6UP6F7BS/"},{"refsource":"FEDORA","name":"FEDORA-2022-a0d7a5eaf2","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MYI3OMJ7RIZNL3C6GUWNANNPEUUID6FM/"},{"refsource":"DEBIAN","name":"DSA-5272","url":"https://www.debian.org/security/2022/dsa-5272"}]},"workaround":{"workaround_data":{"description":{"description_data":[{"lang":"eng","value":"Not running x86 PV guests will avoid the vulnerability."}]}}}},"nvd":{"publishedDate":"2022-07-26 13:15:00","lastModifiedDate":"2023-11-07 03:48:00","problem_types":["NVD-CWE-noinfo"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH"},"exploitabilityScore":2,"impactScore":6}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:xen:xen:*:*:*:*:*:*:x86:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}