CVE-2021-28700
N/A
N/A
Summary
xen/arm: No memory limit for dom0less domUs The dom0less feature allows an administrator to create multiple unprivileged domains directly from Xen. Unfortunately, the memory limit from them is not set. This allow a domain to allocate memory beyond what an administrator originally configured.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Xen | xen | 4.12.x | affected |
| Xen | xen | unspecified < 4.12 | unknown |
| Xen | xen | 4.13.x < unspecified | affected |
| Xen | xen | next of xen-unstable < unspecified | unaffected |
Weaknesses
- unknown
ADP Enrichment
CVE Program Container
Additional References
- https://xenbits.xenproject.org/xsa/advisory-383.txt
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LPRVHW4J4ZCPPOHZEWP5MOJT7XDGFFPJ/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FZCNPSRPGFCQRYE2BI4D4Q4SCE56ANV2/
- https://www.debian.org/security/2021/dsa-4977
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2VQCFAPBNGBBAOMJZG6QBREOG5IIDZID/
- https://security.gentoo.org/glsa/202208-23
References
- https://xenbits.xenproject.org/xsa/advisory-383.txt
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LPRVHW4J4ZCPPOHZEWP5MOJT7XDGFFPJ/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FZCNPSRPGFCQRYE2BI4D4Q4SCE56ANV2/
- https://www.debian.org/security/2021/dsa-4977
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2VQCFAPBNGBBAOMJZG6QBREOG5IIDZID/
- https://security.gentoo.org/glsa/202208-23
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.