Back to search
CVE-2021-28706
Published: Nov 24, 2021
Modified: Aug 3, 2024
PUBLISHED
Description
guests may exceed their designated memory limit When a guest is permitted to have close to 16TiB of memory, it may be able to issue hypercalls to increase its memory allocation beyond the administrator established limit. This is a result of a calculation done with 32-bit precision, which may overflow. It would then only be the overflowed (and hence small) number which gets compared against the established upper bound.
| Vendor | Product | Versions |
|---|---|---|
Xen | xen | affected 4.12.x |
Xen | xen | unknown unspecified - < 4.12affected 4.14.x - < unspecifiedunaffected next of 4.15.x - < unspecified |
Xen | xen | affected xen-unstable |
Xen | xen | affected 4.13.x |
References
FEDORA-2021-03645e9807
vendor-advisory
DSA-5017
vendor-advisory
FEDORA-2021-2b3a2de94f
vendor-advisory
GLSA-202402-07
vendor-advisory
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now