IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved Memory Region Reporting, "RMRR") for Intel VT-d or Unity Mapping ranges for AMD-Vi. These are typically used for platform tasks such as legacy USB emulation. Since the precise purpose of these regions is unknown, once a device associated with such a region is active, the mappings of these regions need to remain continuouly accessible by the device. This requirement has been violated. Subsequent DMA or interrupts from the device may have unpredictable behaviour, ranging from IOMMU faults to memory corruption.
References
Configurations
History
16 Jun 2022, 20:45
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:* |
|
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UHFSRVLM2JUCPDC2KGB7ETPQYJLCGBLD/ - Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6ETPM2OVZZ6KOS2L7QO7SIW6XWT5OW3F/ - Third Party Advisory | |
References | (DEBIAN) https://www.debian.org/security/2022/dsa-5117 - Third Party Advisory |
02 May 2022, 12:16
Type | Values Removed | Values Added |
---|---|---|
References |
|
21 Apr 2022, 23:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
19 Apr 2022, 12:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
14 Apr 2022, 19:21
Type | Values Removed | Values Added |
---|---|---|
CWE | NVD-CWE-noinfo | |
References | (MISC) https://xenbits.xenproject.org/xsa/advisory-400.txt - Vendor Advisory | |
References | (MLIST) http://www.openwall.com/lists/oss-security/2022/04/05/3 - Mailing List, Patch, Third Party Advisory | |
References | (CONFIRM) http://xenbits.xen.org/xsa/advisory-400.html - Patch, Vendor Advisory | |
CPE | cpe:2.3:o:xen:xen:-:*:*:*:*:*:x86:* | |
CVSS |
v2 : v3 : |
v2 : 4.4
v3 : 7.8 |
05 Apr 2022, 15:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
05 Apr 2022, 13:21
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-04-05 13:15
Updated : 2024-02-04 08:15
NVD link : CVE-2022-26360
Mitre link : CVE-2022-26360
CVE.ORG link : CVE-2022-26360
JSON object : View
Products Affected
debian
- debian_linux
xen
- xen
fedoraproject
- fedora
CWE