CVE-2022-42330
First published: Thu Jan 26 2023(Updated: )
Guests can cause Xenstore crash via soft reset When a guest issues a "Soft Reset" (e.g. for performing a kexec) the libxl based Xen toolstack will normally perform a XS_RELEASE Xenstore operation. Due to a bug in xenstored this can result in a crash of xenstored. Any other use of XS_RELEASE will have the same impact.
Credit: security@xen.org security@xen.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Xen Xen | =4.17.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2022-42330?
The severity of CVE-2022-42330 is high.
How does CVE-2022-42330 affect Xen Xen version 4.17.0?
CVE-2022-42330 affects Xen Xen version 4.17.0.
What can cause a Xenstore crash in CVE-2022-42330?
A guest issuing a Soft Reset can cause a Xenstore crash in CVE-2022-42330.
What operation can result in a crash of xenstored in CVE-2022-42330?
Performing XS_RELEASE operation can result in a crash of xenstored in CVE-2022-42330.
Is there a fix available for CVE-2022-42330?
Please refer to the provided reference link for available fixes for CVE-2022-42330.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/severity
- agent/author
- agent/tags
- agent/last-modified-date
- agent/description
- agent/first-publish-date
- agent/event
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/xen
- canonical/xen xen
- version/xen xen/4.17.0