Alpine: multiple xen packages: security update to 4.16.1-r2

medium Tenable Cloud Security Plugin ID 424673

Description

There are packages installed that are affected by multiple vulnerabilities referenced in the following CVEs:

- x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple
CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type
reference count for pages, in addition to a regular reference count. This scheme is used to maintain
invariants required for Xen's safety, e.g. PV guests may not have direct writeable access to pagetables;
updates need auditing by Xen. Unfortunately, Xen's safety logic doesn't account for CPU-induced cache non-
coherency; cases where the CPU can cause the content of the cache to be different to the content in main
memory. In such cases, Xen's safety logic can incorrectly conclude that the contents of a page is safe.
(CVE-2022-26364)

- Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated
user to potentially enable information disclosure via local access. (CVE-2022-21123)

- Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an
authenticated user to potentially enable information disclosure via local access. (CVE-2022-21125)

- Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an
authenticated user to potentially enable information disclosure via local access. (CVE-2022-21166)

- x86 pv: Race condition in typeref acquisition Xen maintains a type reference count for pages, in addition
to a regular reference count. This scheme is used to maintain invariants required for Xen's safety, e.g.
PV guests may not have direct writeable access to pagetables; updates need auditing by Xen. Unfortunately,
the logic for acquiring a type reference has a race condition, whereby a safely TLB flush is issued too
early and creates a window where the guest can re-establish the read/write mapping before writeability is
prohibited. (CVE-2022-26362)

See Also

https://security.alpinelinux.org/vuln/CVE-2022-21123

https://security.alpinelinux.org/vuln/CVE-2022-21125

https://security.alpinelinux.org/vuln/CVE-2022-21166

https://security.alpinelinux.org/vuln/CVE-2022-26362

https://security.alpinelinux.org/vuln/CVE-2022-26363

https://security.alpinelinux.org/vuln/CVE-2022-26364

Plugin Details

Severity: Medium

ID: 424673

Version: Revision 1.10

Type: Local

Published: 4/4/2025

Updated: 7/2/2026

Supported Sensors: Agentless Assessment, Tenable Cloud Security, Tenable Self-Hosted Container Security

Risk Information

VPR

Risk Factor: Medium

Score: 6.9

Percentile: 97.35

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 5.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2022-26364

CVSS v3

Risk Factor: Medium

Base Score: 6.7

Temporal Score: 6

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 5/12/2022

Reference Information

CVE: CVE-2022-21123, CVE-2022-21125, CVE-2022-21166, CVE-2022-26362, CVE-2022-26363, CVE-2022-26364