CVE-2022-42309

Source
https://nvd.nist.gov/vuln/detail/CVE-2022-42309
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-42309.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-42309
Downstream
Related
Published
2022-11-01T13:15:11Z
Modified
2025-09-25T05:01:18Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

Xenstore: Guests can crash xenstored Due to a bug in the fix of XSA-115 a malicious guest can cause xenstored to use a wrong pointer during node creation in an error path, resulting in a crash of xenstored or a memory corruption in xenstored causing further damage. Entering the error path can be controlled by the guest e.g. by exceeding the quota value of maximum nodes per domain.

References

Affected packages