CVE-2022-26365

Description

Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). Additionally the granularity of the grant table doesn't allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend (CVE-2022-33741, CVE-2022-33742).

CVSS Metrics

• v3.1•HIGH•Score: 7.1CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
• v2.0•LOW•Score: 3.6AV:L/AC:L/Au:N/C:P/I:N/A:P

EPSS Trends

Current EPSS score: 0.04%• Percentile: 14%

Techniques & Countermeasures

• CWE-401•Missing Release of Memory after Effective Lifetime

  The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

Affected Systems

• debian•debian_linux

  10.0 | 11.0

• fedoraproject•fedora

  35 | 36

• linux•linux_kernel

  ≥ 2.6.13, < 4.9.322 | ≥ 4.14, < 4.14.287 | ≥ 4.19, < 4.19.251 | ≥ 5.4, < 5.4.204 | ≥ 5.10, < 5.10.129 | ≥ 5.15, < 5.15.53 | ≥ 5.18, < 5.18.10 | 2.6.12:rc2 | 2.6.12:rc3 | 2.6.12:rc4 | 2.6.12:rc5 | 2.6.12:rc6 | 5.19:rc1 | 5.19:rc2 | 5.19:rc3 | 5.19:rc4 | 5.19:rc5

• xen•xen

  na

References (7)

• https://xenbits.xenproject.org/xsa/advisory-403.txt
• http://xenbits.xen.org/xsa/advisory-403.html
• http://www.openwall.com/lists/oss-security/2022/07/05/6
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGFTRZ66KQYTSYIRT5FRHF5D6O72NWOP/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RKRXZ4LHGCGMOG24ZCEJNY6R2BTS4S2Q/
• https://www.debian.org/security/2022/dsa-5191
• https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html