CVE-2021-28705
First published: Wed Nov 24 2021(Updated: )
issues with partially successful P2M updates on x86 T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] x86 HVM and PVH guests may be started in populate-on-demand (PoD) mode, to provide a way for them to later easily have more memory assigned. Guests are permitted to control certain P2M aspects of individual pages via hypercalls. These hypercalls may act on ranges of pages specified via page orders (resulting in a power-of-2 number of pages). In some cases the hypervisor carries out the requests by splitting them into smaller chunks. Error handling in certain PoD cases has been insufficient in that in particular partial success of some operations was not properly accounted for. There are two code paths affected - page removal (CVE-2021-28705) and insertion of new pages (CVE-2021-28709). (We provide one patch which combines the fix to both issues.)
Credit: security@xen.org security@xen.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| debian/xen | <=4.11.4+107-gef32c7afa2-1 | 4.14.6-1 4.14.5+94-ge49571868d-1 4.17.1+2-gb773c48e36-1 4.17.2+55-g0b56bed864-1 |
| Xen XAPI | >=3.4.0<=4.12.4 | |
| Xen XAPI | >=4.13.0<=4.13.4 | |
| Xen XAPI | >=4.14.0<=4.14.3 | |
| Xen XAPI | =4.15.0 | |
| Xen XAPI | =4.15.1 | |
| Fedora | =34 | |
| Fedora | =35 | |
| Debian | =11.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://xenbits.xen.org/xsa/advisory-389.html
- https://security-tracker.debian.org/tracker/CVE-2021-28705
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I7ZGWVVRI4XY2XSTBI3XEMWBXPDVX6OT/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXUI4VMD52CH3T7YXAG3J2JW7ZNN3SXF/
- https://www.debian.org/security/2021/dsa-5017
- https://xenbits.xenproject.org/xsa/advisory-389.txt
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I7ZGWVVRI4XY2XSTBI3XEMWBXPDVX6OT/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PXUI4VMD52CH3T7YXAG3J2JW7ZNN3SXF/
- https://security.gentoo.org/glsa/202402-07
Frequently Asked Questions
What is the severity of CVE-2021-28705?
CVE-2021-28705 has been classified as a moderate severity vulnerability.
How do I fix CVE-2021-28705?
To address CVE-2021-28705, upgrade to a fixed version of Xen or the applicable operating system as specified in the advisories.
Which software versions are affected by CVE-2021-28705?
CVE-2021-28705 affects various versions of Xen between 3.4.0 and 4.14.3, among others.
What impact does CVE-2021-28705 have?
The vulnerability in CVE-2021-28705 may allow specific types of partial P2M updates that can affect guest systems.
Where can I find more information on CVE-2021-28705?
Information on CVE-2021-28705 can be found in security advisories from Xen and relevant security trackers.
- collector/security-tracker-debian
- agent/type
- agent/references
- agent/severity
- agent/weakness
- agent/remedy
- agent/description
- agent/first-publish-date
- agent/event
- agent/author
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-api
- source/NVD
- package-manager/debian
- vendor/xen
- canonical/xen xapi
- version/xen xapi/3.4.0
- version/xen xapi/4.12.4
- version/xen xapi/4.13.0
- version/xen xapi/4.13.4
- version/xen xapi/4.14.0
- version/xen xapi/4.14.3
- version/xen xapi/4.15.0
- version/xen xapi/4.15.1
- vendor/fedoraproject
- canonical/fedora
- version/fedora/34
- version/fedora/35
- vendor/debian
- canonical/debian
- version/debian/11.0