CVE-2021-28712
Public on 2022-01-05
Modified on 2022-02-04
Description
A denial of service flaw for virtual machine guests in the Linux kernel's Xen hypervisor subsystem was found in the way users call some interrupts with high frequency from one of the guests.
A local user could use this flaw to starve the resources resulting in a denial of service.
A local user could use this flaw to starve the resources resulting in a denial of service.
Severity
CVSS v3 Base Score
See breakdown
Affected Packages
Platform | Package | Release Date | Advisory | Status |
---|---|---|---|---|
Amazon Linux 1 | kernel | 2022-02-04 | ALAS-2022-1563 | Fixed |
Amazon Linux 1 | kernel | 2023-02-17 | ALAS-2023-1688 | Fixed |
Amazon Linux 2 - Core | kernel | 2022-02-04 | ALAS2-2022-1749 | Fixed |
Amazon Linux 2 - Kernel-5.10 Extra | kernel | 2022-01-26 | ALAS2KERNEL-5.10-2022-009 | Fixed |
Amazon Linux 2 - Kernel-5.4 Extra | kernel | 2022-01-26 | ALAS2KERNEL-5.4-2022-021 | Fixed |
CVSS Scores
Score Type | Score | Vector | |
---|---|---|---|
Amazon Linux | CVSSv3 | 6.2 | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
NVD | CVSSv2 | 2.1 | AV:L/AC:L/Au:N/C:N/I:N/A:P |
NVD | CVSSv3 | 6.5 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H |