First published: Thu Jan 26 2023(Updated: )
Guests can cause Xenstore crash via soft reset When a guest issues a "Soft Reset" (e.g. for performing a kexec) the libxl based Xen toolstack will normally perform a XS_RELEASE Xenstore operation. Due to a bug in xenstored this can result in a crash of xenstored. Any other use of XS_RELEASE will have the same impact.
Credit: security@xen.org security@xen.org
Affected Software | Affected Version | How to fix |
---|---|---|
Xen Xen | =4.17.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2022-42330 is high.
CVE-2022-42330 affects Xen Xen version 4.17.0.
A guest issuing a Soft Reset can cause a Xenstore crash in CVE-2022-42330.
Performing XS_RELEASE operation can result in a crash of xenstored in CVE-2022-42330.
Please refer to the provided reference link for available fixes for CVE-2022-42330.