7.1 CVE-2022-42327

Patch

 

x86: unintended memory sharing between guests On Intel systems that support the "virtualize APIC accesses" feature, a guest can read and write the global shared xAPIC page by moving the local APIC out of xAPIC mode. Access to this shared page bypasses the expected isolation that should exist between two guests.
https://nvd.nist.gov/vuln/detail/CVE-2022-42327

Categories

CWE-NVD-noinfo

References

CONFIRM Patch

FEDORA

FEDORA-2022-07438e12df
Mailing List Third Party Advisory
FEDORA-2022-9f51d13fa3
Mailing List Third Party Advisory

MISC

_MLIST Patch


 

CPE

cpe start end
Configuration 1
cpe:2.3:o:xen:xen:4.16:*:*:*:*:*:x86:*
Configuration 2
cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*

Patch

Url
http://xenbits.xen.org/xsa/advisory-412.html
[oss-security] 20221101 Xen Security Advisory 412 v2 (CVE-2022-42327) - x86: unintended memory sharing between guests

Exploits

Exploit-db.com
id description date
No known exploits
Other (github, ...)
Url
No known exploits

CAPEC

id description severity
No entry

Sherlock® flash

Take a picture of your computer network in a few clicks !

The Sherlock® flash audit solution allows you to perform an audit to strengthen the security of your IT assets. Vulnerability analysis of your physical and virtual equipment. Patch planning by priority level and time available. Detailed and intuitive reporting.

Discover this offer

Sherlock® flash: 1st instant cybersecurity audit solution