First published: Tue Jan 25 2022
Insufficient cleanup of passed-through device IRQs

The management of IRQs associated with physical devices exposed to x86 HVM guests involves an iterative operation in particular when cleaning up after the guest's use of the device. In the case where an interrupt is not quiescent yet at the time this cleanup gets invoked, the cleanup attempt may be scheduled to be retried. When multiple interrupts are involved, this scheduling of a retry may get erroneously skipped. At the same time pointers may get cleared (resulting in a de-reference of NULL) and freed (resulting in a use-after-free), while other code would continue to assume them to be valid.
Credit: security@xen.org
Affected Software | Affected Version | How to fix |
---|---|---|
debian/xen | <=4.11.4+107-gef32c7afa2-1 | 4.14.6-1 4.14.5+94-ge49571868d-1 4.17.1+2-gb773c48e36-1 4.17.2+55-g0b56bed864-1 |
Xen xen-unstable | >=4.6.0 | |
Fedora | =34 | |
Debian | =11.0 | |
CVE-2022-23035 has a medium severity rating due to insufficient cleanup of IRQs that can lead to system instability.
To fix CVE-2022-23035, upgrade to the patched versions of Xen as specified in the advisory for your Linux distribution.
CVE-2022-23035 affects various versions of the Xen hypervisor, particularly those prior to 4.14.6-1 and including versions 4.11.4+107-gef32c7afa2-1.
CVE-2022-23035 is not directly exploitable remotely; it requires local access to the affected virtual machines.
The implications of CVE-2022-23035 in virtualized environments include potential data corruption and increased system downtime due to IRQ mismanagement.