Your submission was sent successfully! Close

CVE-2021-28693

Published: 30 June 2021

xen/arm: Boot modules are not scrubbed The bootloader will load boot modules (e.g. kernel, initramfs...) in a temporary area before they are copied by Xen to each domain memory. To ensure sensitive data is not leaked from the modules, Xen must "scrub" them before handing the page over to the allocator. Unfortunately, it was discovered that modules will not be scrubbed on Arm.

Priority

Medium

CVSS 3 base score: 5.5

Status

Package Release Status
xen
Launchpad, Ubuntu, Debian
bionic Needs triage

focal Needs triage

groovy Ignored
(reached end-of-life)
hirsute Ignored
(reached end-of-life)
impish Needs triage

jammy Needs triage

trusty Does not exist

upstream Needs triage

xenial Needs triage

Notes

AuthorNote
mdeslaur
hypervisor packages are in universe. For
issues in the hypervisor, add appropriate
tags to each section, ex:
Tags_xen: universe-binary

References

Bugs