{"containers":{"cna":{"affected":[{"product":"Linux","vendor":"Linux","versions":[{"status":"unknown","version":"consult Xen advisory XSA-391"}]}],"credits":[{"lang":"en","value":"This issue was discovered by Jürgen Groß of SUSE."}],"descriptions":[{"lang":"en","value":"Rogue backends can cause DoS of guests via high frequency events. [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen offers the ability to run PV backends in regular unprivileged guests, typically referred to as \"driver domains\". Running PV backends in driver domains has one primary security advantage: if a driver domain gets compromised, it doesn't have the privileges to take over the system. However, a malicious driver domain could still attack other guests by sending events at a high frequency, leading to a Denial of Service in the guest, which is kept busy servicing interrupts for extended periods of time. 
There are three affected Linux PV frontend drivers (the guest-side half of each PV device), each tracked as a separate CVE: * blkfront (block) - patch 1, CVE-2021-28711 * netfront (network) - patch 2, CVE-2021-28712 * hvc_xen (console) - patch 3, CVE-2021-28713. This record is CVE-2021-28713, the hvc_xen console frontend."}],"metrics":[{"other":{"content":{"description":{"description_data":[{"lang":"eng","value":"Potentially malicious PV backends can cause guest DoS due to unhardened\nfrontends in the guests, even though this ought to have been prevented by\ncontaining them within a driver domain."}]}},"type":"unknown"}}],"problemTypes":[{"descriptions":[{"description":"unknown","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2022-03-10T02:06:49.000Z","orgId":"23aa2041-22e1-471f-9209-9b7396fa234f","shortName":"XEN"},"references":[{"tags":["x_refsource_MISC"],"url":"https://xenbits.xenproject.org/xsa/advisory-391.txt"},{"name":"DSA-5050","tags":["vendor-advisory","x_refsource_DEBIAN"],"url":"https://www.debian.org/security/2022/dsa-5050"},{"name":"[debian-lts-announce] 20220309 [SECURITY] [DLA 2940-1] linux security update","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html"},{"name":"[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"},{"name":"DSA-5096","tags":["vendor-advisory","x_refsource_DEBIAN"],"url":"https://www.debian.org/security/2022/dsa-5096"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"security@xen.org","ID":"CVE-2021-28713","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Linux","version":{"version_data":[{"version_affected":"?","version_value":"consult Xen advisory XSA-391"}]}}]},"vendor_name":"Linux"}]}},"configuration":{"configuration_data":{"description":{"description_data":[{"lang":"eng","value":"All guests being serviced by potentially malicious backends are vulnerable,\neven if those backends are running in a less privileged 
environment. The\nvulnerability does not affect the host, only the guests."}]}}},"credit":{"credit_data":{"description":{"description_data":[{"lang":"eng","value":"This issue was discovered by Jürgen Groß of SUSE."}]}}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Rogue backends can cause DoS of guests via high frequency events. [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen offers the ability to run PV backends in regular unprivileged guests, typically referred to as \"driver domains\". Running PV backends in driver domains has one primary security advantage: if a driver domain gets compromised, it doesn't have the privileges to take over the system. However, a malicious driver domain could still attack other guests by sending events at a high frequency, leading to a Denial of Service in the guest, which is kept busy servicing interrupts for extended periods of time. 
There are three affected Linux PV frontend drivers (the guest-side half of each PV device), each tracked as a separate CVE: * blkfront (block) - patch 1, CVE-2021-28711 * netfront (network) - patch 2, CVE-2021-28712 * hvc_xen (console) - patch 3, CVE-2021-28713. This record is CVE-2021-28713, the hvc_xen console frontend."}]},"impact":{"impact_data":{"description":{"description_data":[{"lang":"eng","value":"Potentially malicious PV backends can cause guest DoS due to unhardened\nfrontends in the guests, even though this ought to have been prevented by\ncontaining them within a driver domain."}]}}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"unknown"}]}]},"references":{"reference_data":[{"name":"https://xenbits.xenproject.org/xsa/advisory-391.txt","refsource":"MISC","url":"https://xenbits.xenproject.org/xsa/advisory-391.txt"},{"name":"DSA-5050","refsource":"DEBIAN","url":"https://www.debian.org/security/2022/dsa-5050"},{"name":"[debian-lts-announce] 20220309 [SECURITY] [DLA 2940-1] linux security update","refsource":"MLIST","url":"https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html"},{"name":"[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update","refsource":"MLIST","url":"https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"},{"name":"DSA-5096","refsource":"DEBIAN","url":"https://www.debian.org/security/2022/dsa-5096"}]},"workaround":{"workaround_data":{"description":{"description_data":[{"lang":"eng","value":"There is no known mitigation available."}]}}}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-03T21:55:11.785Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"https://xenbits.xenproject.org/xsa/advisory-391.txt"},{"name":"DSA-5050","tags":["vendor-advisory","x_refsource_DEBIAN","x_transferred"],"url":"https://www.debian.org/security/2022/dsa-5050"},{"name":"[debian-lts-announce] 20220309 [SECURITY] [DLA 2940-1] linux security 
update","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html"},{"name":"[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"},{"name":"DSA-5096","tags":["vendor-advisory","x_refsource_DEBIAN","x_transferred"],"url":"https://www.debian.org/security/2022/dsa-5096"}]}]},"cveMetadata":{"assignerOrgId":"23aa2041-22e1-471f-9209-9b7396fa234f","assignerShortName":"XEN","cveId":"CVE-2021-28713","datePublished":"2022-01-05T16:10:24.000Z","dateReserved":"2021-03-18T00:00:00.000Z","dateUpdated":"2024-08-03T21:55:11.785Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}