VDB

ALPINE-CVE-2022-26356

ALPINE-CVE-2022-26356 PUBLISHED CVSS 5.599999904632568 MEDIUM

Racy interactions between dirty vram tracking and paging log dirty hypercalls Activation of log dirty mode done by XEN_DMOP_track_dirty_vram (was named HVMOP_track_dirty_vram before Xen 4.9) is racy with ongoing log dirty hypercalls. A suitably timed call to XEN_DMOP_track_dirty_vram can enable log dirty while another CPU is still in the process of tearing down the structures related to a previously enabled log dirty mode (XEN_DOMCTL_SHADOW_OP_OFF). This is due to lack of mutually exclusive locking between both operations and can lead to entries being added in already freed slots, resulting in a memory leak.

Risk Scores

CVSS 3.1
5.599999904632568
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H

Affected Products

VendorProductVersions
Alpine:v3.19xen0, 4.0.1-r0, 4.0.1-r1
Alpine:v3.21xen0, 4.0.0, 4.9.1-r3
Alpine:v3.17xen4.10.1-r0, 0, 4.0.1-r0
Alpine:v3.16xen4.7.0-r5, 4.0.0, 4.9.1-r3
Alpine:v3.23xen4.0.0, 0, 4.0.1-r1
Alpine:v3.22xen4.10.0-r1, 4.6.0-r5, 0
Alpine:v3.14xen4.7.1-r2, 4.0.0, 4.9.1-r3
Alpine:v3.15xen4.2.0-r2, 4.15.0-r0, 4.15.2-r0
Alpine:v3.18xen4.1.1-r1, 4.0.0, 4.9.1-r3
Alpine:v3.24xen4.0.0
Alpine:v3.20xen4.0.0, 4.6.3-r1, 4.7.0-r0
Alpine:v3.13xen4.6.3-r0, 4.9.0-r0, 4.8.1-r4
Alpine:v3.12xen0, 4.0.1-r3, 4.1.0-r0

Timeline

  • Apr 5, 2022 CVE Published
  • Apr 30, 2026 Distribution Patch
  • Jul 8, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›