// For flags

CVE-2022-42311

 

Severity Score

6.5
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests can cause xenstored to allocate vast amounts of memory, eventually resulting in a Denial of Service (DoS) of xenstored. There are multiple ways how guests can cause large memory allocations in xenstored: - - by issuing new requests to xenstored without reading the responses, causing the responses to be buffered in memory - - by causing large number of watch events to be generated via setting up multiple xenstore watches and then e.g. deleting many xenstore nodes below the watched path - - by creating as many nodes as allowed with the maximum allowed size and path length in as many transactions as possible - - by accessing many nodes inside a transaction

Xenstore: los invitados pueden dejar ejecutar xenstored sin memoria. Este registro de información CNA se relaciona con múltiples CVE; el texto explica qué aspectos/vulnerabilidades corresponden a cada CVE.] Los invitados maliciosos pueden hacer que xenstored asigne grandes cantidades de memoria, lo que eventualmente resultará en una Denegación de Servicio (DoS) de xenstored. Hay varias maneras en que los invitados pueden provocar grandes asignaciones de memoria en xenstored: - - emitiendo nuevas solicitudes a xenstored sin leer las respuestas, lo que hace que las respuestas se almacenen en la memoria - - provocando que se genere una gran cantidad de eventos de observación mediante la configuración múltiples vigilancias de xenstore y luego, por ejemplo, eliminar muchos nodos de xenstore debajo de la ruta vigilada - - creando tantos nodos como se permita con el tamaño y la longitud de ruta máximos permitidos en tantas transacciones como sea posible - - accediendo a muchos nodos dentro de una transacción

*Credits: This issue was discovered by Julien Grall of Amazon.
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
None
Integrity
None
Availability
High
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2022-10-03 CVE Reserved
  • 2022-11-01 CVE Published
  • 2024-05-24 EPSS Updated
  • 2024-08-03 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-770: Allocation of Resources Without Limits or Throttling
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Xen
Search vendor "Xen"
Xen
Search vendor "Xen" for product "Xen"
--
Affected
Fedoraproject
Search vendor "Fedoraproject"
Fedora
Search vendor "Fedoraproject" for product "Fedora"
35
Search vendor "Fedoraproject" for product "Fedora" and version "35"
-
Affected
Fedoraproject
Search vendor "Fedoraproject"
Fedora
Search vendor "Fedoraproject" for product "Fedora"
36
Search vendor "Fedoraproject" for product "Fedora" and version "36"
-
Affected
Fedoraproject
Search vendor "Fedoraproject"
Fedora
Search vendor "Fedoraproject" for product "Fedora"
37
Search vendor "Fedoraproject" for product "Fedora" and version "37"
-
Affected
Debian
Search vendor "Debian"
Debian Linux
Search vendor "Debian" for product "Debian Linux"
11.0
Search vendor "Debian" for product "Debian Linux" and version "11.0"
-
Affected