Описание
In the Linux kernel, the following vulnerability has been resolved:
xen/blkfront: harden blkfront against event channel storms
The Xen blkfront driver is still vulnerable for an attack via excessive number of events sent by the backend. Fix that by using lateeoi event channels.
This is part of XSA-391
In the Linux kernel, the following vulnerability has been resolved:
xen/blkfront: harden blkfront against event channel storms
The Xen blkfront driver is still vulnerable for an attack via excessive number of events sent by the backend. Fix that by using lateeoi event channels.
This is part of XSA-391
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2021-47573
- https://git.kernel.org/stable/c/0fd08a34e8e3b67ec9bd8287ac0facf8374b844a
- https://git.kernel.org/stable/c/25898389795bd85d8e1520c0c75c3ad906c17da7
- https://git.kernel.org/stable/c/269d7124bcfad2558d2329d0fe603ca20b20d3f4
- https://git.kernel.org/stable/c/3e04b9e6aa7d77287e70a400be83060d2b7b2cfe
- https://git.kernel.org/stable/c/4ed9f5c511ce95cb8db05ff82026ea901f45fd76
- https://git.kernel.org/stable/c/5ac3b68b79c9e964dd6f3cf80ff825518e502b79
- https://git.kernel.org/stable/c/8ac3b6ee7c9ff2df7c99624bb1235e2e55623825
- https://git.kernel.org/stable/c/caf9b51829a50590b84daea924a0fd62d32bc952
CVE ID
Связанные уязвимости
[REJECTED CVE] The Xen blkfront driver in the Linux kernel was vulnerable to attacks via excessive event channels sent by the backend. This could lead to event channel storms.
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.