Vulnerabilities > XEN

DATE CVE VULNERABILITY TITLE RISK
2022-11-09 CVE-2022-23824 IBPB may not prevent return branch predictions from being specified by pre-IBPB branch targets leading to a potential information disclosure.
local
low complexity
xen amd fedoraproject
5.5
2022-11-01 CVE-2022-42309 Release of Invalid Pointer or Reference vulnerability in multiple products
Xenstore: Guests can crash xenstored Due to a bug in the fix of XSA-115 a malicious guest can cause xenstored to use a wrong pointer during node creation in an error path, resulting in a crash of xenstored or a memory corruption in xenstored causing further damage.
local
low complexity
xen debian fedoraproject CWE-763
8.8
2022-11-01 CVE-2022-42310 Incomplete Cleanup vulnerability in multiple products
Xenstore: Guests can create orphaned Xenstore nodes By creating multiple nodes inside a transaction resulting in an error, a malicious guest can create orphaned nodes in the Xenstore data base, as the cleanup after the error will not remove all nodes already created.
local
low complexity
xen debian fedoraproject CWE-459
5.5
2022-11-01 CVE-2022-42311 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests can cause xenstored to allocate vast amounts of memory, eventually resulting in a Denial of Service (DoS) of xenstored.
local
low complexity
xen fedoraproject debian CWE-770
6.5
2022-11-01 CVE-2022-42312 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests can cause xenstored to allocate vast amounts of memory, eventually resulting in a Denial of Service (DoS) of xenstored.
local
low complexity
xen debian fedoraproject CWE-770
6.5
2022-11-01 CVE-2022-42313 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests can cause xenstored to allocate vast amounts of memory, eventually resulting in a Denial of Service (DoS) of xenstored.
local
low complexity
xen debian fedoraproject CWE-770
6.5
2022-11-01 CVE-2022-42314 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests can cause xenstored to allocate vast amounts of memory, eventually resulting in a Denial of Service (DoS) of xenstored.
local
low complexity
xen debian fedoraproject CWE-770
6.5
2022-11-01 CVE-2022-42315 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests can cause xenstored to allocate vast amounts of memory, eventually resulting in a Denial of Service (DoS) of xenstored.
local
low complexity
xen debian fedoraproject CWE-770
6.5
2022-11-01 CVE-2022-42316 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests can cause xenstored to allocate vast amounts of memory, eventually resulting in a Denial of Service (DoS) of xenstored.
local
low complexity
xen debian fedoraproject CWE-770
6.5
2022-11-01 CVE-2022-42317 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests can cause xenstored to allocate vast amounts of memory, eventually resulting in a Denial of Service (DoS) of xenstored.
local
low complexity
xen debian fedoraproject CWE-770
6.5