CVE-2021-28039

An issue was discovered in the Linux kernel 5.9.x through 5.11.3, as used with Xen. In some less-common configurations, an x86 PV guest OS user can crash a Dom0 or driver domain via a large amount of I/O activity. The issue relates to misuse of guest physical addresses when a configuration has CONFIG_XEN_UNPOPULATED_ALLOC but not CONFIG_XEN_BALLOON_MEMORY_HOTPLUG.
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)


Configuration 2 (hide)

OR cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:*

Information

Published : 2021-03-05 10:15

Updated : 2022-07-12 10:42


NVD link : CVE-2021-28039

Mitre link : CVE-2021-28039


JSON object : View

CWE
CWE-131

Incorrect Calculation of Buffer Size

Advertisement

dedicated server usa

Products Affected

netapp

  • cloud_backup
  • solidfire_baseboard_management_controller_firmware

xen

  • xen

linux

  • linux_kernel