Xenstore: guests can let run xenstored out of memory T[his CNA information
record relates to multiple CVEs; the text explains which
aspects/vulnerabilities correspond to which CVE.] Malicious guests can
cause xenstored to allocate vast amounts of memory, eventually resulting in
a Denial of Service (DoS) of xenstored. There are multiple ways how guests
can cause large memory allocations in xenstored: - - by issuing new
requests to xenstored without reading the responses, causing the responses
to be buffered in memory - - by causing large number of watch events to be
generated via setting up multiple xenstore watches and then e.g. deleting
many xenstore nodes below the watched path - - by creating as many nodes as
allowed with the maximum allowed size and path length in as many
transactions as possible - - by accessing many nodes inside a transaction
Author | Note |
---|---|
mdeslaur | hypervisor packages are in universe. For issues in the hypervisor, add appropriate tags to each section, ex: Tags_xen: universe-binary |