CVE-2022-42327

Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-42327.json
Published
2022-11-01T13:15:00Z
Modified
2022-11-24T07:32:37.538295Z
Details

x86: unintended memory sharing between guests On Intel systems that support the "virtualize APIC accesses" feature, a guest can read and write the global shared xAPIC page by moving the local APIC out of xAPIC mode. Access to this shared page bypasses the expected isolation that should exist between two guests.

References

Affected packages

Alpine:v3.14 / xen

xen

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0
Fixed
4.15.4-r0

Affected versions

4.*

4.0.1
4.1.0
4.1.1
4.1.2
4.1.3
4.10.0
4.10.1
4.11.0
4.11.1
4.12.0
4.12.1
4.13.0
4.13.1
4.14.0
4.14.1
4.15.0
4.15.1
4.15.2
4.15.3
4.2.0
4.2.1
4.2.2
4.3.0
4.3.1
4.3.2
4.3.3
4.4.1
4.4.2
4.5.0
4.5.1
4.6.0
4.6.1
4.6.3
4.7.0
4.7.1
4.7.2
4.8.1
4.9.0
4.9.1

Alpine:v3.15 / xen

xen

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0
Fixed
4.15.4-r0

Affected versions

4.*

4.0.1
4.1.0
4.1.1
4.1.2
4.1.3
4.10.0
4.10.1
4.11.0
4.11.1
4.12.0
4.12.1
4.13.0
4.13.1
4.14.0
4.14.1
4.15.0
4.15.1
4.15.2
4.15.3
4.2.0
4.2.1
4.2.2
4.3.0
4.3.1
4.3.2
4.3.3
4.4.1
4.4.2
4.5.0
4.5.1
4.6.0
4.6.1
4.6.3
4.7.0
4.7.1
4.7.2
4.8.1
4.9.0
4.9.1

Alpine:v3.17 / xen

xen

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0
Fixed
4.16.2-r1

Affected versions

4.*

4.0.1
4.1.0
4.1.1
4.1.2
4.1.3
4.10.0
4.10.1
4.11.0
4.11.1
4.12.0
4.12.1
4.13.0
4.13.1
4.14.0
4.14.1
4.15.0
4.15.1
4.16.0
4.16.1
4.16.2
4.2.0
4.2.1
4.2.2
4.3.0
4.3.1
4.3.2
4.3.3
4.4.1
4.4.2
4.5.0
4.5.1
4.6.0
4.6.1
4.6.3
4.7.0
4.7.1
4.7.2
4.8.1
4.9.0
4.9.1