CVE-2022-26357
05.04.2022, 13:15
race in VT-d domain ID cleanup Xen domain IDs are up to 15 bits wide. VT-d hardware may allow for only less than 15 bits to hold a domain ID associating a physical device with a particular domain. Therefore internally Xen domain IDs are mapped to the smaller value range. The cleaning up of the housekeeping structures has a race, allowing for VT-d domain IDs to be leaked and flushes to be bypassed.
| Vendor | Product | Version |
|---|---|---|
| xen | xen | 4.11.0 ≤ 𝑥 < 4.12.0 |
| xen | xen | 4.13.0 ≤ 𝑥 < 4.16.0 |
| debian | debian_linux | 11.0 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
References