xen is vulnerable to denial of service. The vulnerability exists due to an unbounded memory consumption when large pages are in use to map guest pages in the 2nd-stage page tables causing an application crash.
Vendor | Product | Version | CPE |
---|---|---|---|
- | xen\ | 3.15 | cpe:2.3:a:-:xen\:3.15:4.15.3-r0:*:*:*:*:*:*:* |
- | xen\ | 3.15 | cpe:2.3:a:-:xen\:3.15:4.15.1-r0:*:*:*:*:*:*:* |
- | xen\ | 3.15 | cpe:2.3:a:-:xen\:3.15:4.15.1-r2:*:*:*:*:*:*:* |
- | xen\ | 3.15 | cpe:2.3:a:-:xen\:3.15:4.15.2-r1:*:*:*:*:*:*:* |
- | xen\ | 3.15 | cpe:2.3:a:-:xen\:3.15:4.15.2-r2:*:*:*:*:*:*:* |
- | xen\ | 3.15 | cpe:2.3:a:-:xen\:3.15:4.15.3-r1:*:*:*:*:*:*:* |
- | xen\ | 3.15 | cpe:2.3:a:-:xen\:3.15:4.15.3-r3:*:*:*:*:*:*:* |
- | xen\ | 3.15 | cpe:2.3:a:-:xen\:3.15:4.15.2-r0:*:*:*:*:*:*:* |
- | xen\ | 3.15 | cpe:2.3:a:-:xen\:3.15:4.15.3-r2:*:*:*:*:*:*:* |
- | xen\ | 3.14 | cpe:2.3:a:-:xen\:3.14:4.15.3-r0:*:*:*:*:*:*:* |
www.openwall.com/lists/oss-security/2022/10/11/5
xenbits.xen.org/xsa/advisory-409.html
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TJOMUNGW6VTK5CZZRLWLVVEOUPEQBRHI/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWSC77GS5NATI3TT7FMVPULUPXR635XQ/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZVXG7OOOXCX6VIPEMLFDPIPUTFAYWPE/
lists.fedoraproject.org/archives/list/[email protected]/message/TJOMUNGW6VTK5CZZRLWLVVEOUPEQBRHI/
lists.fedoraproject.org/archives/list/[email protected]/message/XWSC77GS5NATI3TT7FMVPULUPXR635XQ/
lists.fedoraproject.org/archives/list/[email protected]/message/YZVXG7OOOXCX6VIPEMLFDPIPUTFAYWPE/
secdb.alpinelinux.org/v3.14/main.yaml
secdb.alpinelinux.org/v3.15/main.yaml
www.debian.org/security/2022/dsa-5272
xenbits.xenproject.org/xsa/advisory-409.txt