Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2021-26933

Опубликовано: 17 фев. 2021
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 2.1
CVSS3: 5.5

Описание

An issue was discovered in Xen 4.9 through 4.14.x. On Arm, a guest is allowed to control whether memory accesses are bypassing the cache. This means that Xen needs to ensure that all writes (such as the ones during scrubbing) have reached the memory before handing over the page to a guest. Unfortunately, the operation to clean the cache is happening before checking if the page was scrubbed. Therefore there is no guarantee when all the writes will reach the memory.

РелизСтатусПримечание
bionic

ignored

end of standard support, was needed
devel

needs-triage

esm-apps/focal

needs-triage

esm-apps/jammy

needs-triage

esm-apps/noble

needs-triage

esm-infra-legacy/trusty

DNE

esm-infra/bionic

needed

esm-infra/xenial

needs-triage

focal

ignored

end of standard support, was needs-triage
groovy

ignored

end of life

Показывать по

Ссылки на источники

EPSS

Процентиль: 24%
0.00081
Низкий

2.1 Low

CVSS2

5.5 Medium

CVSS3

Связанные уязвимости

nvd логотип

CVE-2021-26933

CVSS3: 5.5
nvd
почти 5 лет назад

An issue was discovered in Xen 4.9 through 4.14.x. On Arm, a guest is allowed to control whether memory accesses are bypassing the cache. This means that Xen needs to ensure that all writes (such as the ones during scrubbing) have reached the memory before handing over the page to a guest. Unfortunately, the operation to clean the cache is happening before checking if the page was scrubbed. Therefore there is no guarantee when all the writes will reach the memory.

debian логотип

CVE-2021-26933

CVSS3: 5.5
debian
почти 5 лет назад

An issue was discovered in Xen 4.9 through 4.14.x. On Arm, a guest is ...

github логотип

GHSA-3c29-qfhr-mp78

CVSS3: 5.5
github
больше 3 лет назад

An issue was discovered in Xen 4.9 through 4.14.x. On Arm, a guest is allowed to control whether memory accesses are bypassing the cache. This means that Xen needs to ensure that all writes (such as the ones during scrubbing) have reached the memory before handing over the page to a guest. Unfortunately, the operation to clean the cache is happening before checking if the page was scrubbed. Therefore there is no guarantee when all the writes will reach the memory.

fstec логотип

BDU:2021-03166

CVSS3: 5.5
fstec
почти 5 лет назад

Уязвимость программного средства для реализации гипертекстовой среды MediaWiki, позволяющая нарушителю оказать воздействие на конфиденциальность защищаемой информации

EPSS

Процентиль: 24%
0.00081
Низкий

2.1 Low

CVSS2

5.5 Medium

CVSS3