Roger Pau Monné discovered that the Xen virtual block driver in the Linux kernel did not properly initialize memory pages to be used for shared communication with the backend. A local attacker could use this to expose sensitive information (guest kernel memory). (CVE-2022-26365)
Roger Pau Monné discovered that the Xen paravirtualization frontend in the Linux kernel did not properly initialize memory pages to be used for shared communication with the backend. A local attacker could use this to expose sensitive information (guest kernel memory). (CVE-2022-33740)
It was discovered that the Xen paravirtualization frontend in the Linux kernel incorrectly shared unrelated data when communicating with certain backends. A local attacker could use this to cause a denial of service (guest crash) or expose sensitive information (guest kernel memory). (CVE-2022-33741)
{ "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro", "binaries": [ { "binary_version": "4.4.0-1148.163", "binary_name": "linux-aws-cloud-tools-4.4.0-1148" }, { "binary_version": "4.4.0-1148.163", "binary_name": "linux-aws-headers-4.4.0-1148" }, { "binary_version": "4.4.0-1148.163", "binary_name": "linux-aws-tools-4.4.0-1148" }, { "binary_version": "4.4.0-1148.163", "binary_name": "linux-buildinfo-4.4.0-1148-aws" }, { "binary_version": "4.4.0-1148.163", "binary_name": "linux-cloud-tools-4.4.0-1148-aws" }, { "binary_version": "4.4.0-1148.163", "binary_name": "linux-headers-4.4.0-1148-aws" }, { "binary_version": "4.4.0-1148.163", "binary_name": "linux-image-4.4.0-1148-aws" }, { "binary_version": "4.4.0-1148.163", "binary_name": "linux-image-4.4.0-1148-aws-dbgsym" }, { "binary_version": "4.4.0-1148.163", "binary_name": "linux-modules-4.4.0-1148-aws" }, { "binary_version": "4.4.0-1148.163", "binary_name": "linux-modules-extra-4.4.0-1148-aws" }, { "binary_version": "4.4.0-1148.163", "binary_name": "linux-tools-4.4.0-1148-aws" } ] }