Published: 26/01/2023 Updated: 06/02/2023

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

Guests can cause Xenstore crash via soft reset When a guest issues a "Soft Reset" (e.g. for performing a kexec) the libxl based Xen toolstack will normally perform a XS_RELEASE Xenstore operation. Due to a bug in xenstored this can result in a crash of xenstored. Any other use of XS_RELEASE will have the same impact.

Vulnerable Product	Search on Vulmon	Subscribe to Product
xen xen 4.17.0

Debian Bug report logs - #1029830 xen: CVE-2022-42330 Package: src:xen; Maintainer for src:xen is Debian Xen Team <pkg-xen-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 28 Jan 2023 13:03:04 UTC Severity: important Tags: security, upstream Found in version xen/4170 ...

CVE-2022-42330 Guests can cause Xenstore crash via soft reset When a guest issues a "Soft Reset" (eg for performing a kexec) the libxl based Xen toolstack will normally perform a XS_RELEASE Xenstore operation Due to a bug in xenstored this can result in a crash of xenstored Any other use of XS_RELEASE will have the same impact authentication complexity vector

NVD-CWE-noinfo https://xenbits.xenproject.org/xsa/advisory-425.txt https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029830 https://github.com/Live-Hack-CVE/CVE-2022-42330 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2022-42330

Vulnerability Summary

Most Upvoted Vulmon Research Post

Vulnerability Trend

Vendor Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect