Lucene search

K

Veracode Vulnerability DatabaseVERACODE:38251

HistoryNov 25, 2022 - 6:33 p.m.

Denial Of Service (DoS)

2022-11-2518:33:30

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

20

xen

vulnerability

denial of service

attack

p2m pool

second level address translation

application crash

software

EPSS

0

Percentile

14.2%

xen is vulnerable to denial of service (DoS) attacks. P2M pool freeing may take excessively long te P2M pool backing second level address translation for guests may be of significant size. Therefore its freeing may take more time than is reasonable without intermediate preemption checks resulting in an application crash.

References

www.openwall.com/lists/oss-security/2022/10/11/3

xenbits.xen.org/xsa/advisory-410.html

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TJOMUNGW6VTK5CZZRLWLVVEOUPEQBRHI/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWSC77GS5NATI3TT7FMVPULUPXR635XQ/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZVXG7OOOXCX6VIPEMLFDPIPUTFAYWPE/

lists.fedoraproject.org/archives/list/[email protected]/message/TJOMUNGW6VTK5CZZRLWLVVEOUPEQBRHI/

lists.fedoraproject.org/archives/list/[email protected]/message/XWSC77GS5NATI3TT7FMVPULUPXR635XQ/

lists.fedoraproject.org/archives/list/[email protected]/message/YZVXG7OOOXCX6VIPEMLFDPIPUTFAYWPE/

secdb.alpinelinux.org/v3.14/main.yaml

secdb.alpinelinux.org/v3.15/main.yaml

www.debian.org/security/2022/dsa-5272

xenbits.xenproject.org/xsa/advisory-410.txt

EPSS

0

Percentile

14.2%

Related for VERACODE:38251

xen1 nvd1 osv3 cve1 prion1 nessus15 ubuntucve1 alpinelinux1 debiancve1 cvelist1 suse2 openvas13 fedora3 debian1 gentoo1