Undefined MMIO Hang (UMH) / CVE-2022-21180 / INTEL-SA-00645

ID 730547
Updated 6/14/2022
Version Latest
Public

author-image

By

Disclosure date:
2022-06-14
Published date:
2022-06-14

Severity rating:
5.5 Medium

Industry-wide severity ratings can be found in the National Vulnerability Database


Related Content

Overview

Atypical reads from malicious software with MMIO privilege may hang the platform and cause a temporary denial-of-service attack. 

This scenario is not likely to be of interest to an attacker running on a single-user machine, as such an attacker is likely to have other ways to hang the machine. However, an attacker running in a virtual machine guest could potentially hang the host platform in this scenario if the virtual machine monitor (VMM) provides direct MMIO read access to a vulnerable integrated device. This issue has been assigned CVE-2022-21180 (CVSS 5.5 Medium: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

UMH Summary
Name CVE (CVSS) Affected Products Privilege Required Data Exposure Mitigation Direction Software Proposal
Undefined MMIO Hang
(UMH)
CVE-2022-21180 (5.5 Medium: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) Client (Skylake family)
Intel Xeon E3 processor family (Skylake family)
 
MMIO N/A Software Avoid giving untrusted software MMIO access to affected devices.

 

Mitigation

Intel recommends that multitenant virtualized environments only provide direct MMIO access for integrated devices to trusted VMs. Refer to the next section for impacted device ranges.

UMH Impacted Device Ranges

The below are integrated PCI device numbers on bus 0 impacted by UMH.

  • Device 0
    • MCHBAR
  • Device 2 - Integrated Graphics
    • GTTMMADR subrange
  • Device 4 - Camarillo
    • TMBAR