CVE-2022-42319
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
Xenstore: Guests can cause Xenstore to not free temporary memory When working on a request of a guest, xenstored might need to allocate quite large amounts of memory temporarily. This memory is freed only after the request has been finished completely. A request is regarded to be finished only after the guest has read the response message of the request from the ring page. Thus a guest not reading the response can cause xenstored to not free the temporary memory. This can result in memory shortages causing Denial of Service (DoS) of xenstored.
| Vendor | xen |
| Product | xen |
| Published | Nov 1, 2022 |
| Last Updated | Aug 3, 2024 |
Stay Ahead of the Next One
Get instant alerts for xen xen
Be the first to know when new unknown vulnerabilities affecting xen xen are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
Xen / xen
All versions affected References
xenbits.xenproject.org: https://xenbits.xenproject.org/xsa/advisory-416.txt xenbits.xen.org: http://xenbits.xen.org/xsa/advisory-416.html openwall.com: http://www.openwall.com/lists/oss-security/2022/11/01/6 debian.org: https://www.debian.org/security/2022/dsa-5272 lists.fedoraproject.org: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLI2NPNEH7CNJO3VZGQNOI4M4EWLNKPZ/ lists.fedoraproject.org: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZVXG7OOOXCX6VIPEMLFDPIPUTFAYWPE/ lists.fedoraproject.org: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YTMITQBGC23MSDHUCAPCVGLMVXIBXQTQ/ security.gentoo.org: https://security.gentoo.org/glsa/202402-07
Credits
{'credit_data': {'description': {'description_data': [{'lang': 'eng', 'value': 'This issue was discovered by Julien Grall of Amazon.'}]}}}