CVE-2022-26360

IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved Memory Region Reporting, "RMRR") for Intel VT-d or Unity Mapping ranges for AMD-Vi. These are typically used for platform tasks such as legacy USB emulation. Since the precise purpose of these regions is unknown, once a device associated with such a region is active, the mappings of these regions need to remain continuouly accessible by the device. This requirement has been violated. Subsequent DMA or interrupts from the device may have unpredictable behaviour, ranging from IOMMU faults to memory corruption.
Configurations

Configuration 1 (hide)

cpe:2.3:o:xen:xen:-:*:*:*:*:*:x86:*

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*

History

21 Nov 2024, 06:53

Type Values Removed Values Added
References () http://www.openwall.com/lists/oss-security/2022/04/05/3 - Mailing List, Patch, Third Party Advisory () http://www.openwall.com/lists/oss-security/2022/04/05/3 - Mailing List, Patch, Third Party Advisory
References () http://xenbits.xen.org/xsa/advisory-400.html - Patch, Vendor Advisory () http://xenbits.xen.org/xsa/advisory-400.html - Patch, Vendor Advisory
References () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6ETPM2OVZZ6KOS2L7QO7SIW6XWT5OW3F/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6ETPM2OVZZ6KOS2L7QO7SIW6XWT5OW3F/ -
References () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UHFSRVLM2JUCPDC2KGB7ETPQYJLCGBLD/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UHFSRVLM2JUCPDC2KGB7ETPQYJLCGBLD/ -
References () https://security.gentoo.org/glsa/202402-07 - () https://security.gentoo.org/glsa/202402-07 -
References () https://www.debian.org/security/2022/dsa-5117 - Third Party Advisory () https://www.debian.org/security/2022/dsa-5117 - Third Party Advisory
References () https://xenbits.xenproject.org/xsa/advisory-400.txt - Vendor Advisory () https://xenbits.xenproject.org/xsa/advisory-400.txt - Vendor Advisory

04 Feb 2024, 08:15

Type Values Removed Values Added
References
  • () https://security.gentoo.org/glsa/202402-07 -

07 Nov 2023, 03:44

Type Values Removed Values Added
References
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6ETPM2OVZZ6KOS2L7QO7SIW6XWT5OW3F/', 'name': 'FEDORA-2022-64b2c02d29', 'tags': ['Third Party Advisory'], 'refsource': 'FEDORA'}
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UHFSRVLM2JUCPDC2KGB7ETPQYJLCGBLD/', 'name': 'FEDORA-2022-dfbf7e2372', 'tags': ['Third Party Advisory'], 'refsource': 'FEDORA'}
  • () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UHFSRVLM2JUCPDC2KGB7ETPQYJLCGBLD/ -
  • () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6ETPM2OVZZ6KOS2L7QO7SIW6XWT5OW3F/ -

Information

Published : 2022-04-05 13:15

Updated : 2024-11-21 06:53


NVD link : CVE-2022-26360

Mitre link : CVE-2022-26360

CVE.ORG link : CVE-2022-26360


JSON object : View

Products Affected

debian

  • debian_linux

xen

  • xen

fedoraproject

  • fedora