active/CVE-2021-28715


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16

Description: Guest can force Linux netback driver to hog large amounts of kernel memory
References:
 https://xenbits.xen.org/xsa/advisory-392.html
 https://xenbits.xen.org/xsa/xsa392-linux-2.patch
Notes:
 carnil> Commit fixes f48da8b14d04 ("xen-netback: fix unlimited guest Rx
 carnil> internal queue and carrier flapping").
Bugs:
upstream: pending [be81992f9086b230623ae3ebbc85ecee4d00a3d3]
5.10-upstream-stable: released (5.10.88) [88f20cccbeec9a5e83621df5cc2453b5081454dc]
4.19-upstream-stable: released (4.19.222) [c9f17e92917fd5786be872626a3928979ecc4c39]
4.9-upstream-stable: released (4.9.294) [b4226b387436315e7f57465c15335f4f4b5b075d]
sid: needed
5.10-bullseye-security: needed
4.19-buster-security: needed
4.9-stretch-security: needed