CVE-2021-28688

Published: 4/6/2021 Last updated: 8/3/2024 Reserved: 3/18/2021

The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn't use uninitialized or stale values. This initialization went too far and may under certain conditions also overwrite pointers which are in need of cleaning up. The lack of cleanup would result in leaking persistent grants. The leak in turn would prevent fully cleaning up after a respective guest has died, leaving around zombie domains. All Linux versions having the fix for XSA-365 applied are vulnerable. XSA-365 was classified to affect versions back to at least 3.11.

CNA assigner: XEN (23aa2041-22e1-471f-9209-9b7396fa234f) Requested by: n/a

Opam packages affected (27)

albatross cdrom conf-bpftool conf-libbpf conf-linux-libc-dev core core_unix hvsock mirage-block-unix mm ocaml-probes orun rawlink rawlink-eio rawlink-lwt shell solo5 solo5-bindings-hvt solo5-bindings-spt solo5-cross-aarch64 solo5-kernel-ukvm tracy-client tuntap uring vhd-format vhd-format-lwt xapi-stdext-unix

Products affected (5)

Product	Vendor	Version
Linux	Linux	QCS4490
Linux	Linux	QCS6125
Linux	Linux	QCS7230
Linux	Linux	2.2 all
Linux	Linux	2.1 Preferred

References (6)

Credits (1)

{'credit_data': {'description': {'description_data': [{'lang': 'eng', 'value': 'This issue was discovered by Nicolai Stange of SUSE.'}]}}}