Denial of service in Xen shadow mode
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2022-33745 |
| CWE-ID | CWE-400 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Xen Server applications / Virtualization software |
| Vendor | Xen Project |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
1) Resource exhaustion
EUVDB-ID: #VU65801
Risk: Medium
CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-33745
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote user to perform a denial of service (DoS) attack.
The vulnerability exists due to an error in code responsible for migration and work around of kernels unaware of L1TF in shadow mode, related to TLB flush. A remote user with access to x86 PV guest can start the migration process to trigger the vulnerability and exhaust all available memory, resulting in a denial of service (DoS) attack.
Install updates from vendor's website.
Vulnerable software versionsXen: 4.13.0 - 4.14.5
External linkshttp://xenbits.xenproject.org/xsa/advisory-408.txt
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
