CVE-2022-42325
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2022-42325
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Xenstore: Guests can create arbitrary number of nodes via transactions T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] In case a node has been created in a transaction and it is later deleted in the same transaction, the transaction will be terminated with an error. As this error is encountered only when handling the deleted node at transaction finalization, the transaction will have been performed partially and without updating the accounting information. This will enable a malicious guest to create arbitrary number of nodes.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Xen 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Xen是英国剑桥(Cambridge)大学的一款开源的虚拟机监视器产品。该产品能够使不同和不兼容的操作系统运行在同一台计算机上,并支持在运行时进行迁移,保证正常运行并且避免宕机。 Xen Xenstore存在安全漏洞,该漏洞源于恶意访客可以通过交易创建任意数量的节点,可能会导致内存不足,从而导致拒绝服务(DoS)。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2022-42325
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2022-42325
请登录查看更多情报信息。
- https://www.debian.org/security/2022/dsa-5272vendor-advisory
- https://security.gentoo.org/glsa/202402-07vendor-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2022-42325
Same Patch Batch · Xen · 2022-11-01 · 19 CVEs total
| CVE-2022-42318 | Xen 安全漏洞 | |
| CVE-2022-42327 | Xen 安全漏洞 | |
| CVE-2022-42326 | Xen 安全漏洞 | |
| CVE-2022-42324 | Xen 缓冲区错误漏洞 | |
| CVE-2022-42323 | Xen 安全漏洞 | |
| CVE-2022-42322 | Xen 安全漏洞 | |
| CVE-2022-42321 | Xen 安全漏洞 | |
| CVE-2022-42320 | Xen 安全漏洞 | |
| CVE-2022-42319 | Xen 安全漏洞 | |
| CVE-2022-42309 | Xen 安全漏洞 | |
| CVE-2022-42317 | Xen 安全漏洞 | |
| CVE-2022-42316 | Xen 安全漏洞 | |
| CVE-2022-42315 | Xen 安全漏洞 | |
| CVE-2022-42314 | Xen 安全漏洞 | |
| CVE-2022-42313 | Xen 安全漏洞 | |
| CVE-2022-42312 | Xen 安全漏洞 | |
| CVE-2022-42311 | Xen 安全漏洞 | |
| CVE-2022-42310 | Xen 安全漏洞 |
IV. Related Vulnerabilities
V. Comments for CVE-2022-42325
No comments yet