OpenCVE

Xenstore: Guests can cause Xenstore to not free temporary memory When working on a request of a guest, xenstored might need to allocate quite large amounts of memory temporarily. This memory is freed only after the request has been finished completely. A request is regarded to be finished only after the guest has read the response message of the request from the ring page. Thus a guest not reading the response can cause xenstored to not free the temporary memory. This can result in memory shortages causing Denial of Service (DoS) of xenstored.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Debian	Debian Linux
Fedoraproject	Fedora
Xen	Xen

Configuration 1 [-]

cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR	cpe:2.3:o:debian:debian_linux:11.0:::::::*
	cpe:2.3:o:fedoraproject:fedora:35:::::::*
	cpe:2.3:o:fedoraproject:fedora:36:::::::*
	cpe:2.3:o:fedoraproject:fedora:37:::::::*

No data.

References

Link	Providers
http://www.openwall.com/lists/oss-security/2022/11/01/6
http://xenbits.xen.org/xsa/advisory-416.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YTMITQBGC23MSDHUCAPCVGLMVXIBXQTQ/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZVXG7OOOXCX6VIPEMLFDPIPUTFAYWPE/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLI2NPNEH7CNJO3VZGQNOI4M4EWLNKPZ/
https://security.gentoo.org/glsa/202402-07
https://www.debian.org/security/2022/dsa-5272
https://xenbits.xenproject.org/xsa/advisory-416.txt

History

No history.

MITRE

Status: PUBLISHED

Assigner: XEN

Published: 2022-11-01T00:00:00

Updated: 2024-08-03T13:03:45.976Z

Reserved: 2022-10-03T00:00:00

Link: CVE-2022-42319

Vulnrichment

No data.

NVD

Status : Modified

Published: 2022-11-01T13:15:11.763

Modified: 2024-11-21T07:24:44.503

Link: CVE-2022-42319

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-42319", "assignerOrgId": "23aa2041-22e1-471f-9209-9b7396fa234f", "assignerShortName": "XEN", "dateUpdated": "2024-08-03T13:03:45.976Z", "dateReserved": "2022-10-03T00:00:00", "datePublished": "2022-11-01T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "23aa2041-22e1-471f-9209-9b7396fa234f", "shortName": "XEN", "dateUpdated": "2024-02-04T08:06:31.334539"}, "descriptions": [{"lang": "en", "value": "Xenstore: Guests can cause Xenstore to not free temporary memory When working on a request of a guest, xenstored might need to allocate quite large amounts of memory temporarily. This memory is freed only after the request has been finished completely. A request is regarded to be finished only after the guest has read the response message of the request from the ring page. Thus a guest not reading the response can cause xenstored to not free the temporary memory. This can result in memory shortages causing Denial of Service (DoS) of xenstored."}], "affected": [{"vendor": "Xen", "product": "xen", "versions": [{"version": "consult Xen advisory XSA-416", "status": "unknown"}]}], "references": [{"url": "https://xenbits.xenproject.org/xsa/advisory-416.txt"}, {"url": "http://xenbits.xen.org/xsa/advisory-416.html"}, {"name": "[oss-security] 20221101 Xen Security Advisory 416 v2 (CVE-2022-42319) - Xenstore: Guests can cause Xenstore to not free temporary memory", "tags": ["mailing-list"], "url": "http://www.openwall.com/lists/oss-security/2022/11/01/6"}, {"name": "DSA-5272", "tags": ["vendor-advisory"], "url": "https://www.debian.org/security/2022/dsa-5272"}, {"name": "FEDORA-2022-07438e12df", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLI2NPNEH7CNJO3VZGQNOI4M4EWLNKPZ/"}, {"name": "FEDORA-2022-99af00f60e", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZVXG7OOOXCX6VIPEMLFDPIPUTFAYWPE/"}, {"name": "FEDORA-2022-9f51d13fa3", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YTMITQBGC23MSDHUCAPCVGLMVXIBXQTQ/"}, {"name": "GLSA-202402-07", "tags": ["vendor-advisory"], "url": "https://security.gentoo.org/glsa/202402-07"}], "credits": [{"lang": "en", "value": "{'credit_data': {'description': {'description_data': [{'lang': 'eng', 'value': 'This issue was discovered by Julien Grall of Amazon.'}]}}}"}], "metrics": [{"other": {"type": "unknown", "content": {"description": {"description_data": [{"lang": "eng", "value": "A malicious guest can cause DoS of xenstored, resulting in the inability\nto create new guests or to change the configuration of already running\nguests."}]}}}}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "unknown"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T13:03:45.976Z"}, "title": "CVE Program Container", "references": [{"url": "https://xenbits.xenproject.org/xsa/advisory-416.txt", "tags": ["x_transferred"]}, {"url": "http://xenbits.xen.org/xsa/advisory-416.html", "tags": ["x_transferred"]}, {"name": "[oss-security] 20221101 Xen Security Advisory 416 v2 (CVE-2022-42319) - Xenstore: Guests can cause Xenstore to not free temporary memory", "tags": ["mailing-list", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2022/11/01/6"}, {"name": "DSA-5272", "tags": ["vendor-advisory", "x_transferred"], "url": "https://www.debian.org/security/2022/dsa-5272"}, {"name": "FEDORA-2022-07438e12df", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLI2NPNEH7CNJO3VZGQNOI4M4EWLNKPZ/"}, {"name": "FEDORA-2022-99af00f60e", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZVXG7OOOXCX6VIPEMLFDPIPUTFAYWPE/"}, {"name": "FEDORA-2022-9f51d13fa3", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YTMITQBGC23MSDHUCAPCVGLMVXIBXQTQ/"}, {"name": "GLSA-202402-07", "tags": ["vendor-advisory", "x_transferred"], "url": "https://security.gentoo.org/glsa/202402-07"}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*", "matchCriteriaId": "49311C62-4662-40C1-9F0D-B366D8C1379F", "versionStartIncluding": "4.9.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", "matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Xenstore: Guests can cause Xenstore to not free temporary memory When working on a request of a guest, xenstored might need to allocate quite large amounts of memory temporarily. This memory is freed only after the request has been finished completely. A request is regarded to be finished only after the guest has read the response message of the request from the ring page. Thus a guest not reading the response can cause xenstored to not free the temporary memory. This can result in memory shortages causing Denial of Service (DoS) of xenstored."}, {"lang": "es", "value": "Xenstore: Los invitados pueden hacer que Xenstore no libere memoria temporal Cuando trabaja en una solicitud de un invitado, es posible que xenstored necesite asignar cantidades bastante grandes de memoria temporalmente. Esta memoria se libera s\u00f3lo despu\u00e9s de que la solicitud haya finalizado por completo. Una solicitud se considera finalizada s\u00f3lo despu\u00e9s de que el hu\u00e9sped haya le\u00eddo el mensaje de respuesta de la solicitud desde la p\u00e1gina de timbre. Por lo tanto, un invitado que no lea la respuesta puede hacer que xenstored no libere la memoria temporal. Esto puede provocar escasez de memoria y provocar Denegaci\u00f3n de Servicio (DoS) de xenstored."}], "id": "CVE-2022-42319", "lastModified": "2024-11-21T07:24:44.503", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.0, "impactScore": 4.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-11-01T13:15:11.763", "references": [{"source": "security@xen.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2022/11/01/6"}, {"source": "security@xen.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://xenbits.xen.org/xsa/advisory-416.html"}, {"source": "security@xen.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YTMITQBGC23MSDHUCAPCVGLMVXIBXQTQ/"}, {"source": "security@xen.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZVXG7OOOXCX6VIPEMLFDPIPUTFAYWPE/"}, {"source": "security@xen.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLI2NPNEH7CNJO3VZGQNOI4M4EWLNKPZ/"}, {"source": "security@xen.org", "url": "https://security.gentoo.org/glsa/202402-07"}, {"source": "security@xen.org", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2022/dsa-5272"}, {"source": "security@xen.org", "tags": ["Patch", "Vendor Advisory"], "url": "https://xenbits.xenproject.org/xsa/advisory-416.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2022/11/01/6"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://xenbits.xen.org/xsa/advisory-416.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YTMITQBGC23MSDHUCAPCVGLMVXIBXQTQ/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZVXG7OOOXCX6VIPEMLFDPIPUTFAYWPE/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLI2NPNEH7CNJO3VZGQNOI4M4EWLNKPZ/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/202402-07"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2022/dsa-5272"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://xenbits.xenproject.org/xsa/advisory-416.txt"}], "sourceIdentifier": "security@xen.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-401"}], "source": "nvd@nist.gov", "type": "Primary"}]}