VDB
CVE-2022-33745
CVE-2022-33745
PUBLISHED
insufficient TLB flush for x86 PV guests in shadow mode For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in shadow paging mode. To address XSA-401, code was moved inside a function in Xen. This code movement missed a variable changing meaning / value between old and new code positions. The now wrong use of the variable did lead to a wrong TLB flush condition, omitting flushes where such are necessary.
EPSS 0.08% · 23.3th percentile
Risk Scores
EPSS Score
0.08%
23.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| fedoraproject | fedora | 36, 35 |
| debian | debian_linux | 11.0 |
| Xen | xen | consult Xen advisory XSA-408 |
| Citrix | XenServer | |
| xen | xen | |
| XEN | Xen |
Exploit Intelligence
- https://xenbits.xenproject.org/xsa/advisory-408.txt (circl)
- http://xenbits.xen.org/xsa/advisory-408.html (circl)
- [oss-security] 20220726 Xen Security Advisory 408 v2 (CVE-2022-33745) - insufficient TLB flush for x86 PV guests in shadow mode (circl)
- [oss-security] 20220726 Xen Security Advisory 408 v3 (CVE-2022-33745) - insufficient TLB flush for x86 PV guests in shadow mode (circl)
- FEDORA-2022-4f7cd241e2 (circl)
- FEDORA-2022-a0d7a5eaf2 (circl)
- DSA-5272 (circl)
Timeline
- Jul 26, 2022 CVE Published
- Jul 27, 2022 EPSS Score
- Sep 12, 2022 EPSS Score
- Oct 28, 2022 EPSS Score
- Dec 14, 2022 EPSS Score
- Jan 30, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Mar 17, 2023 EPSS Score
- May 3, 2023 EPSS Score
- Jun 19, 2023 EPSS Score
- Aug 4, 2023 EPSS Score
- Sep 20, 2023 EPSS Score
References
- https://xenbits.xenproject.org/xsa/advisory-408.txt url
- http://xenbits.xen.org/xsa/advisory-408.html url
- [oss-security] 20220726 Xen Security Advisory 408 v2 (CVE-2022-33745) - insufficient TLB flush for x86 PV guests in shadow mode mailing-list
- [oss-security] 20220726 Xen Security Advisory 408 v3 (CVE-2022-33745) - insufficient TLB flush for x86 PV guests in shadow mode mailing-list
- FEDORA-2022-4f7cd241e2 vendor-advisory
- FEDORA-2022-a0d7a5eaf2 vendor-advisory
- DSA-5272 vendor-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2022-33745 advisory
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HUFIMNGYP5VQAA6KE3T2I5GW6UP6F7BS url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MYI3OMJ7RIZNL3C6GUWNANNPEUUID6FM url
- https://xenbits.xen.org/xsa/advisory-408.html advisory
- https://support.citrix.com/article/CTX463455/citrix-hypervisor-security-bulletin-for-cve202233745 advisory