CVE-2022-33745 Information

Description

insufficient TLB flush for x86 PV guests in shadow mode For migration as well as to work around kernels unaware of L1TF (see XSA-273) PV guests may be run in shadow paging mode. To address XSA-401 code was moved inside a function in Xen. This code movement missed a variable changing meaning / value between old and new code positions. The now wrong use of the variable did lead to a wrong TLB flush condition omitting flushes where such are necessary.

Reference

https://xenbits.xenproject.org/xsa/advisory-408.txt http://xenbits.xen.org/xsa/advisory-408.html http://www.openwall.com/lists/oss-security/2022/07/26/2 http://www.openwall.com/lists/oss-security/2022/07/26/3