Re: CVE-2022-48900: xen/netfront: react properly to failing gnttab_end_foreign_access_ref()

From: Juergen Gross
Date: Thu Aug 22 2024 - 01:46:21 EST

Next message: Jan Kiszka: "Re: [PATCH] remoteproc: k3-r5: Fix error handling when power-up failed"
Previous message: Sachin Gupta: "[PATCH V2] arm64: dts: qcom: Add SD Card node for qcm6490-idp"
Next in thread: Greg Kroah-Hartman: "Re: CVE-2022-48900: xen/netfront: react properly to failing gnttab_end_foreign_access_ref()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Please revoke this CVE, as CVE-2022-23042 has been allocated for this issue
2 years ago already.

This is even clearly visible ...

On 22.08.24 05:31, Greg Kroah-Hartman wrote:

Description
===========

In the Linux kernel, the following vulnerability has been resolved:

xen/netfront: react properly to failing gnttab_end_foreign_access_ref()

When calling gnttab_end_foreign_access_ref() the returned value must
be tested and the reaction to that value should be appropriate.

In case of failure in xennet_get_responses() the reaction should not be
to crash the system, but to disable the network device.

The calls in setup_netfront() can be replaced by calls of
gnttab_end_foreign_access(). While at it avoid double free of ring
pages and grant references via xennet_disconnect_backend() in this case.

This is CVE-2022-23042 / part of XSA-396.

... here.

Juergen

Attachment: OpenPGP_0xB0DE9DD628BF132F.asc
Description: OpenPGP public key

Attachment: OpenPGP_signature.asc
Description: OpenPGP digital signature

Next message: Jan Kiszka: "Re: [PATCH] remoteproc: k3-r5: Fix error handling when power-up failed"
Previous message: Sachin Gupta: "[PATCH V2] arm64: dts: qcom: Add SD Card node for qcm6490-idp"
Next in thread: Greg Kroah-Hartman: "Re: CVE-2022-48900: xen/netfront: react properly to failing gnttab_end_foreign_access_ref()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]