QwikSec

Security Database

CVE

CWE

Training

CVE-2022-42335

Published: Apr 25, 2023

Modified: Aug 3, 2024

PUBLISHED

Description

x86 shadow paging arbitrary pointer dereference In environments where host assisted address translation is necessary but Hardware Assisted Paging (HAP) is unavailable, Xen will run guests in so called shadow mode. Due to too lax a check in one of the hypervisor routines used for shadow page handling it is possible for a guest with a PCI device passed through to cause the hypervisor to access an arbitrary pointer partially under guest control.

Vendor	Product	Versions
Xen	xen	unknown `consult Xen advisory XSA-430`

References

https://xenbits.xenproject.org/xsa/advisory-430.txt

http://xenbits.xen.org/xsa/advisory-430.html

[oss-security] 20230425 Xen Security Advisory 430 v2 (CVE-2022-42335) - x86 shadow paging arbitrary pointer dereference

mailing-list

FEDORA-2023-d28433ead1

vendor-advisory

vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.