xen is vulnerable to denial of service. The vulnerability exists because the Linux Block and Network PV device frontends don’t zero memory regions before sharing them with the backend which leads to a memory corruption causing an application crash.
www.openwall.com/lists/oss-security/2022/07/05/6
xenbits.xen.org/xsa/advisory-403.html
lists.debian.org/debian-lts-announce/2022/10/msg00000.html
lists.fedoraproject.org/archives/list/[email protected]/message/IGFTRZ66KQYTSYIRT5FRHF5D6O72NWOP/
lists.fedoraproject.org/archives/list/[email protected]/message/RKRXZ4LHGCGMOG24ZCEJNY6R2BTS4S2Q/
secdb.alpinelinux.org/edge/main.yaml
secdb.alpinelinux.org/v3.13/main.yaml
secdb.alpinelinux.org/v3.14/main.yaml
secdb.alpinelinux.org/v3.15/main.yaml
secdb.alpinelinux.org/v3.16/main.yaml
www.debian.org/security/2022/dsa-5191
xenbits.xenproject.org/xsa/advisory-403.txt