{"id":"CVE-2021-28702","details":"PCI devices with RMRRs not deassigned correctly Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved Memory Region Reporting, \"RMRR\"). These are typically used for platform tasks such as legacy USB emulation. If such a device is passed through to a guest, then on guest shutdown the device is not properly deassigned. The IOMMU configuration for these devices which are not properly deassigned ends up pointing to a freed data structure, including the IO Pagetables. Subsequent DMA or interrupts from the device will have unpredictable behaviour, ranging from IOMMU faults to memory corruption.","modified":"2026-03-13T01:59:38.965193Z","published":"2021-10-06T14:15:07.230Z","related":["SUSE-SU-2021:3852-1","SUSE-SU-2021:3888-1","SUSE-SU-2021:3968-1","SUSE-SU-2021:3977-1","openSUSE-SU-2021:1543-1","openSUSE-SU-2021:3968-1","openSUSE-SU-2024:11624-1"],"references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2OIHEJ3R3EH5DYI2I5UMD2ULJ2ELA3EX/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FDPRMOBBLS74ONYP3IXZZXSTLKR7GRQB/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TRAWV6PO2KUGVZTESERECOBUBZ6X45I7/"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/202208-23"},{"type":"ADVISORY","url":"https://www.debian.org/security/2021/dsa-5017"},{"type":"ADVISORY","url":"https://xenbits.xenproject.org/xsa/advisory-386.txt"},{"type":"ADVISORY","url":"http://www.openwall.com/lists/oss-security/2021/10/07/2"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-28702.json","unresolved_ranges":[{"events":[{"introduced":"4.13.0"},{"last_affected":"4.15.1"}]},{"events":[{"introduced":"0"},{"last_affected":"33"}]},{"events":[{"introduced":"0"},{"last_affected":"34"}]},{"events":[{"introduced":"0"},{"last_affected":"35"}]},{"events":[{"introduced":"0"},{"last_affected":"9.0"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"}]}