CVE-2022-42324
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Oxenstored 32->31 bit integer truncation issues Integers in Ocaml are 63 or 31 bits of signed precision. The Ocaml Xenbus library takes a C uint32_t out of the ring and casts it directly to an Ocaml integer. In 64-bit Ocaml builds this is fine, but in 32-bit builds, it truncates off the most significant bit, and then creates unsigned/signed confusion in the remainder. This in turn can feed a negative value into logic not expecting a negative value, resulting in unexpected exceptions being thrown. The unexpected exception is not handled suitably, creating a busy-loop trying (and failing) to take the bad packet out of the xenstore ring.
Problemas de truncado de enteros de 32 a 31 bits almacenados en Oxenstored. Los enteros en Ocaml tienen 63 o 31 bits de precisión confirmada. La librería Ocaml Xenbus extrae una variable uint32_t de C del anillo y lo convierte directamente en un entero Ocaml. En compilaciones de Ocaml de 64 bits, esto está bien, pero en compilaciones de 32 bits, trunca el bit más significativo y luego crea confusión sin confirmación/confirmada en el resto. Esto, a su vez, puede introducir un valor negativo en la lógica que no espera un valor negativo, lo que genera excepciones inesperadas. La excepción inesperada no se maneja adecuadamente, lo que crea un bucle de ocupación al intentar (y fallar) sacar el paquete defectuoso del anillo xenstore.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-10-03 CVE Reserved
- 2022-11-01 CVE Published
- 2024-02-06 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-681: Incorrect Conversion between Numeric Types
CAPEC
References (8)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://www.openwall.com/lists/oss-security/2022/11/01/10 | 2024-02-04 | |
http://xenbits.xen.org/xsa/advisory-420.html | 2024-02-04 | |
https://xenbits.xenproject.org/xsa/advisory-420.txt | 2024-02-04 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Xen Search vendor "Xen" | Xen Search vendor "Xen" for product "Xen" | * | - |
Affected
| ||||||
Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 11.0 Search vendor "Debian" for product "Debian Linux" and version "11.0" | - |
Affected
| ||||||
Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 35 Search vendor "Fedoraproject" for product "Fedora" and version "35" | - |
Affected
| ||||||
Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 36 Search vendor "Fedoraproject" for product "Fedora" and version "36" | - |
Affected
| ||||||
Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 37 Search vendor "Fedoraproject" for product "Fedora" and version "37" | - |
Affected
|