Lucene search

K

XENCVELIST:CVE-2022-42310

HistoryNov 01, 2022 - 12:00 a.m.

CVE-2022-42310

2022-11-0100:00:00

XEN

www.cve.org

7.1 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

14.1%

Xenstore: Guests can create orphaned Xenstore nodes By creating multiple nodes inside a transaction resulting in an error, a malicious guest can create orphaned nodes in the Xenstore data base, as the cleanup after the error will not remove all nodes already created. When the transaction is committed after this situation, nodes without a valid parent can be made permanent in the data base.

CNA Affected

[
  {
    "vendor": "Xen",
    "product": "xen",
    "versions": [
      {
        "version": "consult Xen advisory XSA-415",
        "status": "unknown"
      }
    ]
  }
]

References

www.openwall.com/lists/oss-security/2022/11/01/5

xenbits.xen.org/xsa/advisory-415.html

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YTMITQBGC23MSDHUCAPCVGLMVXIBXQTQ/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZVXG7OOOXCX6VIPEMLFDPIPUTFAYWPE/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLI2NPNEH7CNJO3VZGQNOI4M4EWLNKPZ/

security.gentoo.org/glsa/202402-07

www.debian.org/security/2022/dsa-5272

xenbits.xenproject.org/xsa/advisory-415.txt

7.1 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

14.1%

Related for CVELIST:CVE-2022-42310

prion1 ubuntucve1 osv2 nessus15 xen1 debiancve1 veracode1 cve1 nvd1 openvas12 fedora3 debian1 gentoo1