Unrated severityNVD Advisory· Published Aug 27, 2021· Updated Aug 3, 2024
CVE-2021-28700
CVE-2021-28700
Description
xen/arm: No memory limit for dom0less domUs The dom0less feature allows an administrator to create multiple unprivileged domains directly from Xen. Unfortunately, the memory limit from them is not set. This allow a domain to allocate memory beyond what an administrator originally configured.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
21- osv-coords19 versionspkg:rpm/opensuse/xen&distro=openSUSE%20Leap%2015.2pkg:rpm/opensuse/xen&distro=openSUSE%20Leap%2015.3pkg:rpm/suse/xen&distro=SUSE%20Enterprise%20Storage%206pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-ESPOSpkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSSpkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Micro%205.0pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP2pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP3pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-BCLpkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSSpkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/xen&distro=SUSE%20Manager%20Proxy%204.0pkg:rpm/suse/xen&distro=SUSE%20Manager%20Retail%20Branch%20Server%204.0pkg:rpm/suse/xen&distro=SUSE%20Manager%20Server%204.0
< 4.13.3_02-lp152.2.27.1+ 18 more
- (no CPE)range: < 4.13.3_02-lp152.2.27.1
- (no CPE)range: < 4.14.2_04-3.9.1
- (no CPE)range: < 4.12.4_12-3.52.1
- (no CPE)range: < 4.12.4_12-3.52.1
- (no CPE)range: < 4.12.4_12-3.52.1
- (no CPE)range: < 4.13.3_02-3.34.1
- (no CPE)range: < 4.13.3_02-3.34.1
- (no CPE)range: < 4.14.2_04-3.9.1
- (no CPE)range: < 4.13.3_02-3.34.1
- (no CPE)range: < 4.14.2_04-3.9.1
- (no CPE)range: < 4.12.4_12-3.49.1
- (no CPE)range: < 4.12.4_12-3.52.1
- (no CPE)range: < 4.12.4_12-3.52.1
- (no CPE)range: < 4.12.4_12-3.49.1
- (no CPE)range: < 4.12.4_12-3.52.1
- (no CPE)range: < 4.12.4_12-3.49.1
- (no CPE)range: < 4.12.4_12-3.52.1
- (no CPE)range: < 4.12.4_12-3.52.1
- (no CPE)range: < 4.12.4_12-3.52.1
Patches
Vulnerability mechanics
References
6- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2VQCFAPBNGBBAOMJZG6QBREOG5IIDZID/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FZCNPSRPGFCQRYE2BI4D4Q4SCE56ANV2/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LPRVHW4J4ZCPPOHZEWP5MOJT7XDGFFPJ/mitrevendor-advisoryx_refsource_FEDORA
- security.gentoo.org/glsa/202208-23mitrevendor-advisoryx_refsource_GENTOO
- www.debian.org/security/2021/dsa-4977mitrevendor-advisoryx_refsource_DEBIAN
- xenbits.xenproject.org/xsa/advisory-383.txtmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.