What is the severity of CVE-2021-28039?

The severity of CVE-2021-28039 is medium.

How does CVE-2021-28039 affect Linux kernel?

CVE-2021-28039 affects Linux kernel versions 5.9.x through 5.11.3 in some less-common configurations.

How does CVE-2021-28039 impact Xen?

CVE-2021-28039 impacts Xen in some less-common configurations.

Which software versions are affected by CVE-2021-28039?

CVE-2021-28039 affects Linux kernel versions 5.9.x through 5.11.3 and Netapp Cloud Backup and Netapp Solidfire Baseboard Management Controller Firmware.

How can I mitigate the vulnerability CVE-2021-28039?

Mitigation for CVE-2021-28039 is to apply the relevant security patches provided by the respective vendors.

Vulnerability/
CVE-2021-28039

medium

6.5

CWE

131

5/3/2021

3/8/2024

CVE-2021-28039

First published: Fri Mar 05 2021(Updated: )

An issue was discovered in the Linux kernel 5.9.x through 5.11.3, as used with Xen. In some less-common configurations, an x86 PV guest OS user can crash a Dom0 or driver domain via a large amount of I/O activity. The issue relates to misuse of guest physical addresses when a configuration has CONFIG_XEN_UNPOPULATED_ALLOC but not CONFIG_XEN_BALLOON_MEMORY_HOTPLUG.

Credit: cve@mitre.org cve@mitre.org

Affected Software	Affected Version	How to fix
All of
Linux Linux kernel	>=5.9.0<=5.11.3
Xen Xen
Netapp Cloud Backup
Netapp Solidfire Baseboard Management Controller Firmware

Remedy

http://www.openwall.com/lists/oss-security/2021/03/05/2

Remedy

http://xenbits.xen.org/xsa/advisory-369.html

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2021-28039?
The severity of CVE-2021-28039 is medium.
How does CVE-2021-28039 affect Linux kernel?
CVE-2021-28039 affects Linux kernel versions 5.9.x through 5.11.3 in some less-common configurations.
How does CVE-2021-28039 impact Xen?
CVE-2021-28039 impacts Xen in some less-common configurations.
Which software versions are affected by CVE-2021-28039?
CVE-2021-28039 affects Linux kernel versions 5.9.x through 5.11.3 and Netapp Cloud Backup and Netapp Solidfire Baseboard Management Controller Firmware.
How can I mitigate the vulnerability CVE-2021-28039?
Mitigation for CVE-2021-28039 is to apply the relevant security patches provided by the respective vendors.

collector/nvd-index
agent/type
agent/remedy
collector/mitre-cve
source/MITRE
agent/author
agent/weakness
agent/references
agent/severity
agent/softwarecombine
agent/last-modified-date
agent/description
agent/first-publish-date
agent/event
agent/tags
collector/nvd-api
source/NVD
agent/software-canonical-lookup
vendor/linux
canonical/linux linux kernel
version/linux linux kernel/5.9.0
version/linux linux kernel/5.11.3
vendor/xen
canonical/xen xen
vendor/netapp
canonical/netapp cloud backup
canonical/netapp solidfire baseboard management controller firmware

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.