2 matches found
CVE-2020-29487
CVE-2020-29487 affects Xen XAPI (Xen hypervisor tooling). The issue stems from xenopsd watching xenstore keys and forwarding RPC updates via message-switch to xapi, causing an RPC update flood: one update per key update with O(N^2) time, and message-switch retaining ~128 recent messages yields O(...
CVE-2022-33749
CVE-2022-33749 affects Citrix XenServer / Citrix Hypervisor (Xen) components. The issue permits an unauthenticated attacker on the management network to trigger a denial-of-service by exhausting the XAPI file-descriptor limit, preventing new requests from trusted clients and blocking tasks requir...