CVE-2022-42321

Xenstore: Guests can crash xenstored via exhausting the stack Xenstored is using recursion for some Xenstore operations (e.g. for deleting a sub-tree of Xenstore nodes). With sufficiently deep nesting levels this can result in stack exhaustion on xenstored, leading to a crash of xenstored.

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.0 / Impact : 4.0

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope CHANGED

References

Link	Resource
http://www.openwall.com/lists/oss-security/2022/11/01/8	Mailing List Third Party Advisory
http://xenbits.xen.org/xsa/advisory-418.html	Patch Vendor Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YTMITQBGC23MSDHUCAPCVGLMVXIBXQTQ/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZVXG7OOOXCX6VIPEMLFDPIPUTFAYWPE/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLI2NPNEH7CNJO3VZGQNOI4M4EWLNKPZ/
https://security.gentoo.org/glsa/202402-07
https://www.debian.org/security/2022/dsa-5272	Third Party Advisory
https://xenbits.xenproject.org/xsa/advisory-418.txt	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:o:xen:xen:-:*:*:*:*:*:*:*

Configuration 2 (hide)

OR	cpe:2.3:o:debian:debian_linux:11.0:::::::*
	cpe:2.3:o:fedoraproject:fedora:35:::::::*
	cpe:2.3:o:fedoraproject:fedora:36:::::::*
	cpe:2.3:o:fedoraproject:fedora:37:::::::*

History

04 Feb 2024, 08:15

Type	Values Removed	Values Added
References		() https://security.gentoo.org/glsa/202402-07 -

Information

Published : 2022-11-01 13:15

Updated : 2024-02-04 08:15

NVD link : CVE-2022-42321

Mitre link : CVE-2022-42321

CVE.ORG link : CVE-2022-42321

JSON object : View

Products Affected

fedoraproject

fedora

xen

xen

debian

debian_linux

CWE

CWE-674

Uncontrolled Recursion

{"id": "CVE-2022-42321", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 4.0, "exploitabilityScore": 2.0}]}, "published": "2022-11-01T13:15:11.870", "references": [{"url": "http://www.openwall.com/lists/oss-security/2022/11/01/8", "tags": ["Mailing List", "Third Party Advisory"], "source": "security@xen.org"}, {"url": "http://xenbits.xen.org/xsa/advisory-418.html", "tags": ["Patch", "Vendor Advisory"], "source": "security@xen.org"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YTMITQBGC23MSDHUCAPCVGLMVXIBXQTQ/", "source": "security@xen.org"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZVXG7OOOXCX6VIPEMLFDPIPUTFAYWPE/", "source": "security@xen.org"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLI2NPNEH7CNJO3VZGQNOI4M4EWLNKPZ/", "source": "security@xen.org"}, {"url": "https://security.gentoo.org/glsa/202402-07", "source": "security@xen.org"}, {"url": "https://www.debian.org/security/2022/dsa-5272", "tags": ["Third Party Advisory"], "source": "security@xen.org"}, {"url": "https://xenbits.xenproject.org/xsa/advisory-418.txt", "tags": ["Patch", "Vendor Advisory"], "source": "security@xen.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-674"}]}], "descriptions": [{"lang": "en", "value": "Xenstore: Guests can crash xenstored via exhausting the stack Xenstored is using recursion for some Xenstore operations (e.g. for deleting a sub-tree of Xenstore nodes). With sufficiently deep nesting levels this can result in stack exhaustion on xenstored, leading to a crash of xenstored."}, {"lang": "es", "value": "Xenstore: los invitados pueden bloquear xenstored al agotar la pila. Xenstored utiliza la recursividad para algunas operaciones de Xenstore (por ejemplo, para eliminar un sub\u00e1rbol de nodos de Xenstore). Con niveles de anidamiento suficientemente profundos, esto puede provocar el agotamiento de la pila en xenstored, lo que provocar\u00e1 un fallo de xenstored."}], "lastModified": "2024-02-04T08:15:12.390", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:xen:xen:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BFA1950D-1D9F-4401-AA86-CF3028EFD286"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA"}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD"}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D"}], "operator": "OR"}]}], "sourceIdentifier": "security@xen.org"}