{ "containers": { "cna": { "providerMetadata": { "orgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038" }, "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nxen/netfront: react properly to failing gnttab_end_foreign_access_ref()\n\nWhen calling gnttab_end_foreign_access_ref() the returned value must\nbe tested and the reaction to that value should be appropriate.\n\nIn case of failure in xennet_get_responses() the reaction should not be\nto crash the system, but to disable the network device.\n\nThe calls in setup_netfront() can be replaced by calls of\ngnttab_end_foreign_access(). While at it avoid double free of ring\npages and grant references via xennet_disconnect_backend() in this case.\n\nThis is CVE-2022-23042 / part of XSA-396.\n\n---\nV2:\n- avoid double free\nV3:\n- remove pointless initializer (Jan Beulich)" } ], "affected": [ { "product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": [ "drivers/net/xen-netfront.c" ], "versions": [ { "version": "1da177e4c3f4", "lessThan": "c4497b057b14", "status": "affected", "versionType": "git" }, { "version": "1da177e4c3f4", "lessThan": "1b9f4115738a", "status": "affected", "versionType": "git" }, { "version": "1da177e4c3f4", "lessThan": "c307029d811e", "status": "affected", "versionType": "git" }, { "version": "1da177e4c3f4", "lessThan": "0e35f3ab69bc", "status": "affected", "versionType": "git" }, { "version": "1da177e4c3f4", "lessThan": "206c8e271ba2", "status": "affected", "versionType": "git" }, { "version": "1da177e4c3f4", "lessThan": "dea18aef2021", "status": "affected", "versionType": "git" }, { "version": "1da177e4c3f4", "lessThan": "34630641e955", "status": "affected", "versionType": "git" }, { "version": "1da177e4c3f4", "lessThan": "66e3531b33ee", "status": "affected", "versionType": "git" } ] }, { "product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": [ "drivers/net/xen-netfront.c" ], "versions": [ { "version": "4.9.306", "lessThanOrEqual": "4.9.*", "status": "unaffected", "versionType": "custom" }, { "version": "4.14.271", "lessThanOrEqual": "4.14.*", "status": "unaffected", "versionType": "custom" }, { "version": "4.19.234", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "custom" }, { "version": "5.4.184", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "custom" }, { "version": "5.10.105", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "custom" }, { "version": "5.15.28", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "custom" }, { "version": "5.16.14", "lessThanOrEqual": "5.16.*", "status": "unaffected", "versionType": "custom" }, { "version": "5.17", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix" } ] } ], "references": [ { "url": "https://git.kernel.org/stable/c/c4497b057b14274e159434f0ed70439a21f3d2a9" }, { "url": "https://git.kernel.org/stable/c/1b9f4115738af90427a8c94a3980bc52fbb23296" }, { "url": "https://git.kernel.org/stable/c/c307029d811e03546d18d0e512fe295b3103b8e5" }, { "url": "https://git.kernel.org/stable/c/0e35f3ab69bcb01fdbf5aadc78f1731778963b1c" }, { "url": "https://git.kernel.org/stable/c/206c8e271ba2630f1d809123945d9c428f93b0f0" }, { "url": "https://git.kernel.org/stable/c/dea18aef2021022a568f4d385a1386f51a9df6ff" }, { "url": "https://git.kernel.org/stable/c/34630641e955f23ae06db178822d99d0a9d89b20" }, { "url": "https://git.kernel.org/stable/c/66e3531b33ee51dad17c463b4d9c9f52e341503d" } ], "title": "xen/netfront: react properly to failing gnttab_end_foreign_access_ref()", "x_generator": { "engine": "bippy-c9c4e1df01b2" } } }, "cveMetadata": { "assignerOrgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038", "cveID": "CVE-2022-48900", "requesterUserId": "gregkh@kernel.org", "serial": "1", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.0" }