Vulnerabilities > CVE-2022-36661 - NULL Pointer Dereference vulnerability in Xhyve Project Xhyve 20211002

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

xhyve-project

CWE-476

NVD

Published: 2022-09-07

Updated: 2022-09-12

Summary

xhyve commit dfbe09b was discovered to contain a NULL pointer dereference via the component vi_pci_read(). This vulnerability allows attackers to cause a Denial of Service via unspecified vectors.

Vulnerable Configurations

Part	Description	Count
Application	Xhyve_Project Xhyve Project Xhyve 2021-10-02	1

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

References

https://awxylitol.github.io/2022/07/21/disclose-three-bugs-in-xhyve.html