VDB

DEBIAN-CVE-2021-28706

DEBIAN-CVE-2021-28706 PUBLISHED CVSS 8.600000381469727 HIGH

guests may exceed their designated memory limit When a guest is permitted to have close to 16TiB of memory, it may be able to issue hypercalls to increase its memory allocation beyond the administrator established limit. This is a result of a calculation done with 32-bit precision, which may overflow. It would then only be the overflowed (and hence small) number which gets compared against the established upper bound.

Risk Scores

CVSS 3.1
8.600000381469727
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Affected Products

VendorProductVersions
Debian:12xen0, 0, 0
Debian:13xen0, 0, 0
Debian:14xen0, 0, 0
Debian:11xen0, 4.14.2+25-gb6a8c4f72d-2, 4.14.3-1

Timeline

  • Nov 24, 2021 CVE Published
  • Apr 28, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›