CVE-2022-46770 – qubes-mirage-firewall v0.8.3 - Denial Of Service (DoS)

https://notcve.org/view.php?id=CVE-2022-46770

qubes-mirage-firewall (aka Mirage firewall for QubesOS) 0.8.x through 0.8.3 allows guest OS users to cause a denial of service (CPU consumption and loss of forwarding) via a crafted multicast UDP packet (IP address range of 224.0.0.0 through 239.255.255.255). qubes-mirage-firewall (aka firewall Mirage para QubesOS) 0.8.x a 0.8.3 permite a los usuarios de sistemas operativos invitados provocar una Denegación de Servicio (DoS) (consumo de CPU y pérdida de reenvío) a través de un paquete UDP de multidifusión manipulado(rango de direcciones IP de 224.0. 0,0 a 239.255.255.255). Qubes Mirage Firewall versions 0.8.0 through 0.8.3 suffer from a denial of service vulnerability. • https://www.exploit-db.com/exploits/51157 http://packetstormsecurity.com/files/171610/Qubes-Mirage-Firewall-0.8.3-Denial-Of-Service.html https://github.com/mirage/qubes-mirage-firewall/issues/166 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •