CVE-2022-33745

Source
https://nvd.nist.gov/vuln/detail/CVE-2022-33745
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-33745.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-33745
Downstream
Related
Published
2022-07-26T13:15:10Z
Modified
2025-08-09T19:01:28Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

insufficient TLB flush for x86 PV guests in shadow mode For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in shadow paging mode. To address XSA-401, code was moved inside a function in Xen. This code movement missed a variable changing meaning / value between old and new code positions. The now wrong use of the variable did lead to a wrong TLB flush condition, omitting flushes where such are necessary.

References

Affected packages