Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2021-28688

A security issue was found in the Linux kernel before version 5.11.11, as used by Xen. A malicious or buggy frontend driver may be able to cause resource leaks from the corresponding backend driver. This can result in a host-wide Denial of Sevice (DoS).

Source

Severity Low

Remote No

Type Denial of service

Description

A security issue was found in the Linux kernel before version 5.11.11, as used by Xen. A malicious or buggy frontend driver may be able to cause resource leaks from the corresponding backend driver. This can result in a host-wide Denial of Sevice (DoS).

AVG-1748 linux-hardened 5.11.10.hardened1-1 Medium Vulnerable

AVG-1750 linux-lts 5.10.26-1 5.10.27-1 Medium Fixed

AVG-1749 linux-zen 5.11.10.zen1-1 5.11.11.zen1-1 Medium Fixed

AVG-1747 linux 5.11.10.arch4-1 5.11.11.arch4-1 Medium Fixed

https://xenbits.xen.org/xsa/advisory-371.html
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.11.11&id=632b046bb6120afe1df1bfa06943bee338dd97db
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.27&id=3a1ca9bd4f5a647439e82e07b03d072781d9d180

Workaround
==========

Avoiding the use of persistent grants will avoid the vulnerability. This can be achieved by passing the "feature_persistent=0" module option to the xen-blkback driver.

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

Vulmon Search

About

Products

Connect