CVE-2022-42321

UNKNOWN 0.0

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

Xenstore: Guests can crash xenstored via exhausting the stack Xenstored is using recursion for some Xenstore operations (e.g. for deleting a sub-tree of Xenstore nodes). With sufficiently deep nesting levels this can result in stack exhaustion on xenstored, leading to a crash of xenstored.

Vendor	xen
Product	xen
Published	Nov 1, 2022
Last Updated	Aug 3, 2024

Stay Ahead of the Next One

Get instant alerts for xen xen

Be the first to know when new unknown vulnerabilities affecting xen xen are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Xen / xen

All versions affected

References

NVD ↗ CVE.org ↗ EPSS Data ↗

xenbits.xenproject.org: https://xenbits.xenproject.org/xsa/advisory-418.txt xenbits.xen.org: http://xenbits.xen.org/xsa/advisory-418.html openwall.com: http://www.openwall.com/lists/oss-security/2022/11/01/8 debian.org: https://www.debian.org/security/2022/dsa-5272 lists.fedoraproject.org: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLI2NPNEH7CNJO3VZGQNOI4M4EWLNKPZ/ lists.fedoraproject.org: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZVXG7OOOXCX6VIPEMLFDPIPUTFAYWPE/ lists.fedoraproject.org: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YTMITQBGC23MSDHUCAPCVGLMVXIBXQTQ/ security.gentoo.org: https://security.gentoo.org/glsa/202402-07

Credits

{'credit_data': {'description': {'description_data': [{'lang': 'eng', 'value': 'This issue was discovered by David Vrabel of Amazon.'}]}}}