A flaw in the Linux Kernel XEN found (emulated network device driver). When trying to free the SKB of a packet dropped, the deadlock can happen (CVE-2022-42328).
Additionally when dropping packets for other reasons the same deadlock could occur in case of netpoll being active for the interface the xen-netback driver is connected to (CVE-2022-42329).
A malicious guest could cause Denial of Service (DoS) of the host via the paravirtualized network interface.
Created kernel tracking bugs for this issue:
Affects: fedora-all [bug 2156216]
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):
This was fixed for Fedora with the 6.0.13 stable kernel release