SUSE update for xen



Risk Medium
Patch available YES
Number of vulnerabilities 17
CVE-ID CVE-2022-42309
CVE-2022-42310
CVE-2022-42311
CVE-2022-42312
CVE-2022-42313
CVE-2022-42314
CVE-2022-42315
CVE-2022-42316
CVE-2022-42317
CVE-2022-42318
CVE-2022-42319
CVE-2022-42320
CVE-2022-42321
CVE-2022-42322
CVE-2022-42323
CVE-2022-42325
CVE-2022-42326
CWE-ID CWE-763
CWE-399
CWE-400
CWE-269
CWE-674
Exploitation vector Network
Public exploit N/A
Vulnerable software
SUSE Linux Enterprise Server
Operating systems & Components / Operating system

xen-tools-domU-debuginfo
Operating systems & Components / Operating system package or component

xen-tools-domU
Operating systems & Components / Operating system package or component

xen-tools-debuginfo
Operating systems & Components / Operating system package or component

xen-tools
Operating systems & Components / Operating system package or component

xen-libs-debuginfo
Operating systems & Components / Operating system package or component

xen-libs-debuginfo-32bit
Operating systems & Components / Operating system package or component

xen-libs
Operating systems & Components / Operating system package or component

xen-libs-32bit
Operating systems & Components / Operating system package or component

xen-doc-html
Operating systems & Components / Operating system package or component

xen-debugsource
Operating systems & Components / Operating system package or component

xen
Operating systems & Components / Operating system package or component

Vendor SUSE

Security Bulletin

This security bulletin contains information about 17 vulnerabilities.

1) Release of invalid pointer or reference

EUVDB-ID: #VU70589

Risk: Medium

CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-42309

CWE-ID: CWE-763 - Release of invalid pointer or reference

Exploit availability: No

Description

The vulnerability allows a malicious guest to perform a denial of service (DoS) attack.

The vulnerability exists due to usage of a wrong pointer during the node creation in Xenstore. A malicious guest can cause xenstored to crash.

Mitigation

Update the affected package xen to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 12-SP3-BCL

xen-tools-domU-debuginfo: before 4.9.4_34-3.114.1

xen-tools-domU: before 4.9.4_34-3.114.1

xen-tools-debuginfo: before 4.9.4_34-3.114.1

xen-tools: before 4.9.4_34-3.114.1

xen-libs-debuginfo: before 4.9.4_34-3.114.1

xen-libs-debuginfo-32bit: before 4.9.4_34-3.114.1

xen-libs: before 4.9.4_34-3.114.1

xen-libs-32bit: before 4.9.4_34-3.114.1

xen-doc-html: before 4.9.4_34-3.114.1

xen-debugsource: before 4.9.4_34-3.114.1

xen: before 4.9.4_34-3.114.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2022/suse-su-20223960-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Resource management error

EUVDB-ID: #VU70588

Risk: Medium

CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-42310

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a malicious guest to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources within Xenstore, which can result in orphaned nodes being created and never removed in the Xenstore database. A malicious guest can cause inconsistencies in the xenstored data base, resulting in unusual error responses or memory leaks in xenstored.

Mitigation

Update the affected package xen to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 12-SP3-BCL

xen-tools-domU-debuginfo: before 4.9.4_34-3.114.1

xen-tools-domU: before 4.9.4_34-3.114.1

xen-tools-debuginfo: before 4.9.4_34-3.114.1

xen-tools: before 4.9.4_34-3.114.1

xen-libs-debuginfo: before 4.9.4_34-3.114.1

xen-libs-debuginfo-32bit: before 4.9.4_34-3.114.1

xen-libs: before 4.9.4_34-3.114.1

xen-libs-32bit: before 4.9.4_34-3.114.1

xen-doc-html: before 4.9.4_34-3.114.1

xen-debugsource: before 4.9.4_34-3.114.1

xen: before 4.9.4_34-3.114.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2022/suse-su-20223960-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Resource management error

EUVDB-ID: #VU70590

Risk: Medium

CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-42311

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a malicious guest to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources within the Xenstore. A malicious guest can allocate huge amount of memory and perform a denial of service (DoS) attack.

Mitigation

Update the affected package xen to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 12-SP3-BCL

xen-tools-domU-debuginfo: before 4.9.4_34-3.114.1

xen-tools-domU: before 4.9.4_34-3.114.1

xen-tools-debuginfo: before 4.9.4_34-3.114.1

xen-tools: before 4.9.4_34-3.114.1

xen-libs-debuginfo: before 4.9.4_34-3.114.1

xen-libs-debuginfo-32bit: before 4.9.4_34-3.114.1

xen-libs: before 4.9.4_34-3.114.1

xen-libs-32bit: before 4.9.4_34-3.114.1

xen-doc-html: before 4.9.4_34-3.114.1

xen-debugsource: before 4.9.4_34-3.114.1

xen: before 4.9.4_34-3.114.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2022/suse-su-20223960-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Resource management error

EUVDB-ID: #VU70591

Risk: Medium

CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-42312

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a malicious guest to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources within the Xenstore. A malicious guest can allocate huge amount of memory and perform a denial of service (DoS) attack.

Mitigation

Update the affected package xen to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 12-SP3-BCL

xen-tools-domU-debuginfo: before 4.9.4_34-3.114.1

xen-tools-domU: before 4.9.4_34-3.114.1

xen-tools-debuginfo: before 4.9.4_34-3.114.1

xen-tools: before 4.9.4_34-3.114.1

xen-libs-debuginfo: before 4.9.4_34-3.114.1

xen-libs-debuginfo-32bit: before 4.9.4_34-3.114.1

xen-libs: before 4.9.4_34-3.114.1

xen-libs-32bit: before 4.9.4_34-3.114.1

xen-doc-html: before 4.9.4_34-3.114.1

xen-debugsource: before 4.9.4_34-3.114.1

xen: before 4.9.4_34-3.114.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2022/suse-su-20223960-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Resource management error

EUVDB-ID: #VU70592

Risk: Medium

CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-42313

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a malicious guest to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources within the Xenstore. A malicious guest can allocate huge amount of memory and perform a denial of service (DoS) attack.

Mitigation

Update the affected package xen to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 12-SP3-BCL

xen-tools-domU-debuginfo: before 4.9.4_34-3.114.1

xen-tools-domU: before 4.9.4_34-3.114.1

xen-tools-debuginfo: before 4.9.4_34-3.114.1

xen-tools: before 4.9.4_34-3.114.1

xen-libs-debuginfo: before 4.9.4_34-3.114.1

xen-libs-debuginfo-32bit: before 4.9.4_34-3.114.1

xen-libs: before 4.9.4_34-3.114.1

xen-libs-32bit: before 4.9.4_34-3.114.1

xen-doc-html: before 4.9.4_34-3.114.1

xen-debugsource: before 4.9.4_34-3.114.1

xen: before 4.9.4_34-3.114.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2022/suse-su-20223960-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Resource management error

EUVDB-ID: #VU70593

Risk: Medium

CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-42314

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a malicious guest to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources within the Xenstore. A malicious guest can allocate huge amount of memory and perform a denial of service (DoS) attack.

Mitigation

Update the affected package xen to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 12-SP3-BCL

xen-tools-domU-debuginfo: before 4.9.4_34-3.114.1

xen-tools-domU: before 4.9.4_34-3.114.1

xen-tools-debuginfo: before 4.9.4_34-3.114.1

xen-tools: before 4.9.4_34-3.114.1

xen-libs-debuginfo: before 4.9.4_34-3.114.1

xen-libs-debuginfo-32bit: before 4.9.4_34-3.114.1

xen-libs: before 4.9.4_34-3.114.1

xen-libs-32bit: before 4.9.4_34-3.114.1

xen-doc-html: before 4.9.4_34-3.114.1

xen-debugsource: before 4.9.4_34-3.114.1

xen: before 4.9.4_34-3.114.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2022/suse-su-20223960-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Resource management error

EUVDB-ID: #VU70594

Risk: Medium

CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-42315

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a malicious guest to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources within the Xenstore. A malicious guest can allocate huge amount of memory and perform a denial of service (DoS) attack.

Mitigation

Update the affected package xen to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 12-SP3-BCL

xen-tools-domU-debuginfo: before 4.9.4_34-3.114.1

xen-tools-domU: before 4.9.4_34-3.114.1

xen-tools-debuginfo: before 4.9.4_34-3.114.1

xen-tools: before 4.9.4_34-3.114.1

xen-libs-debuginfo: before 4.9.4_34-3.114.1

xen-libs-debuginfo-32bit: before 4.9.4_34-3.114.1

xen-libs: before 4.9.4_34-3.114.1

xen-libs-32bit: before 4.9.4_34-3.114.1

xen-doc-html: before 4.9.4_34-3.114.1

xen-debugsource: before 4.9.4_34-3.114.1

xen: before 4.9.4_34-3.114.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2022/suse-su-20223960-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Resource management error

EUVDB-ID: #VU70595

Risk: Medium

CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-42316

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a malicious guest to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources within the Xenstore. A malicious guest can allocate huge amount of memory and perform a denial of service (DoS) attack.

Mitigation

Update the affected package xen to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 12-SP3-BCL

xen-tools-domU-debuginfo: before 4.9.4_34-3.114.1

xen-tools-domU: before 4.9.4_34-3.114.1

xen-tools-debuginfo: before 4.9.4_34-3.114.1

xen-tools: before 4.9.4_34-3.114.1

xen-libs-debuginfo: before 4.9.4_34-3.114.1

xen-libs-debuginfo-32bit: before 4.9.4_34-3.114.1

xen-libs: before 4.9.4_34-3.114.1

xen-libs-32bit: before 4.9.4_34-3.114.1

xen-doc-html: before 4.9.4_34-3.114.1

xen-debugsource: before 4.9.4_34-3.114.1

xen: before 4.9.4_34-3.114.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2022/suse-su-20223960-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Resource management error

EUVDB-ID: #VU70596

Risk: Medium

CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-42317

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a malicious guest to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources within the Xenstore. A malicious guest can allocate huge amount of memory and perform a denial of service (DoS) attack.

Mitigation

Update the affected package xen to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 12-SP3-BCL

xen-tools-domU-debuginfo: before 4.9.4_34-3.114.1

xen-tools-domU: before 4.9.4_34-3.114.1

xen-tools-debuginfo: before 4.9.4_34-3.114.1

xen-tools: before 4.9.4_34-3.114.1

xen-libs-debuginfo: before 4.9.4_34-3.114.1

xen-libs-debuginfo-32bit: before 4.9.4_34-3.114.1

xen-libs: before 4.9.4_34-3.114.1

xen-libs-32bit: before 4.9.4_34-3.114.1

xen-doc-html: before 4.9.4_34-3.114.1

xen-debugsource: before 4.9.4_34-3.114.1

xen: before 4.9.4_34-3.114.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2022/suse-su-20223960-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Resource management error

EUVDB-ID: #VU70597

Risk: Medium

CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-42318

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a malicious guest to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources within the Xenstore. A malicious guest can allocate huge amount of memory and perform a denial of service (DoS) attack.

Mitigation

Update the affected package xen to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 12-SP3-BCL

xen-tools-domU-debuginfo: before 4.9.4_34-3.114.1

xen-tools-domU: before 4.9.4_34-3.114.1

xen-tools-debuginfo: before 4.9.4_34-3.114.1

xen-tools: before 4.9.4_34-3.114.1

xen-libs-debuginfo: before 4.9.4_34-3.114.1

xen-libs-debuginfo-32bit: before 4.9.4_34-3.114.1

xen-libs: before 4.9.4_34-3.114.1

xen-libs-32bit: before 4.9.4_34-3.114.1

xen-doc-html: before 4.9.4_34-3.114.1

xen-debugsource: before 4.9.4_34-3.114.1

xen: before 4.9.4_34-3.114.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2022/suse-su-20223960-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Resource exhaustion

EUVDB-ID: #VU70587

Risk: Medium

CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-42319

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a malicious guest to perform a denial of service (DoS) attack.

The vulnerability exists in Xenstore due to allocated temporary memory is freed only after the request is completely finished. A malicious guest can allocate large amounts of memory and perform a denial of service (DoS) attack.

Mitigation

Update the affected package xen to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 12-SP3-BCL

xen-tools-domU-debuginfo: before 4.9.4_34-3.114.1

xen-tools-domU: before 4.9.4_34-3.114.1

xen-tools-debuginfo: before 4.9.4_34-3.114.1

xen-tools: before 4.9.4_34-3.114.1

xen-libs-debuginfo: before 4.9.4_34-3.114.1

xen-libs-debuginfo-32bit: before 4.9.4_34-3.114.1

xen-libs: before 4.9.4_34-3.114.1

xen-libs-32bit: before 4.9.4_34-3.114.1

xen-doc-html: before 4.9.4_34-3.114.1

xen-debugsource: before 4.9.4_34-3.114.1

xen: before 4.9.4_34-3.114.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2022/suse-su-20223960-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Improper Privilege Management

EUVDB-ID: #VU70586

Risk: Medium

CVSSv3.1: 5.5 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-42320

CWE-ID: CWE-269 - Improper Privilege Management

Exploit availability: No

Description

The vulnerability allows a malicious guest to escalate privileges.

The vulnerability exists due to improper privilege management in Xenstore. A malicious new guest domain can access resources belonging to a previous domain. The impact depends on the software in use and cal result in a denial of service, information disclosure or privilege escalation.

Mitigation

Update the affected package xen to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 12-SP3-BCL

xen-tools-domU-debuginfo: before 4.9.4_34-3.114.1

xen-tools-domU: before 4.9.4_34-3.114.1

xen-tools-debuginfo: before 4.9.4_34-3.114.1

xen-tools: before 4.9.4_34-3.114.1

xen-libs-debuginfo: before 4.9.4_34-3.114.1

xen-libs-debuginfo-32bit: before 4.9.4_34-3.114.1

xen-libs: before 4.9.4_34-3.114.1

xen-libs-32bit: before 4.9.4_34-3.114.1

xen-doc-html: before 4.9.4_34-3.114.1

xen-debugsource: before 4.9.4_34-3.114.1

xen: before 4.9.4_34-3.114.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2022/suse-su-20223960-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Uncontrolled Recursion

EUVDB-ID: #VU70585

Risk: Medium

CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-42321

CWE-ID: CWE-674 - Uncontrolled Recursion

Exploit availability: No

Description

The vulnerability allows a malicious guest to perform a denial of service (DoS) attack.

The vulnerability exists due to uncontrolled recursion in Xenstore. A malicious guest can create very deep nesting levels of Xenstore nodes and perform stack exhaustion on xenstored.

Mitigation

Update the affected package xen to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 12-SP3-BCL

xen-tools-domU-debuginfo: before 4.9.4_34-3.114.1

xen-tools-domU: before 4.9.4_34-3.114.1

xen-tools-debuginfo: before 4.9.4_34-3.114.1

xen-tools: before 4.9.4_34-3.114.1

xen-libs-debuginfo: before 4.9.4_34-3.114.1

xen-libs-debuginfo-32bit: before 4.9.4_34-3.114.1

xen-libs: before 4.9.4_34-3.114.1

xen-libs-32bit: before 4.9.4_34-3.114.1

xen-doc-html: before 4.9.4_34-3.114.1

xen-debugsource: before 4.9.4_34-3.114.1

xen: before 4.9.4_34-3.114.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2022/suse-su-20223960-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Resource exhaustion

EUVDB-ID: #VU70583

Risk: Medium

CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-42322

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a malicious guest to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient control over consumption of internal resources in Xenstore. Two malicious guests working together can drive xenstored into an out of memory situation, resulting in a Denial of Service (DoS) of xenstored.

Mitigation

Update the affected package xen to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 12-SP3-BCL

xen-tools-domU-debuginfo: before 4.9.4_34-3.114.1

xen-tools-domU: before 4.9.4_34-3.114.1

xen-tools-debuginfo: before 4.9.4_34-3.114.1

xen-tools: before 4.9.4_34-3.114.1

xen-libs-debuginfo: before 4.9.4_34-3.114.1

xen-libs-debuginfo-32bit: before 4.9.4_34-3.114.1

xen-libs: before 4.9.4_34-3.114.1

xen-libs-32bit: before 4.9.4_34-3.114.1

xen-doc-html: before 4.9.4_34-3.114.1

xen-debugsource: before 4.9.4_34-3.114.1

xen: before 4.9.4_34-3.114.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2022/suse-su-20223960-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Resource exhaustion

EUVDB-ID: #VU70584

Risk: Medium

CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-42323

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a malicious guest to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient control over consumption of internal resources in Xenstore. Two malicious guests working together can drive xenstored into an out of memory situation, resulting in a Denial of Service (DoS) of xenstored.

Mitigation

Update the affected package xen to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 12-SP3-BCL

xen-tools-domU-debuginfo: before 4.9.4_34-3.114.1

xen-tools-domU: before 4.9.4_34-3.114.1

xen-tools-debuginfo: before 4.9.4_34-3.114.1

xen-tools: before 4.9.4_34-3.114.1

xen-libs-debuginfo: before 4.9.4_34-3.114.1

xen-libs-debuginfo-32bit: before 4.9.4_34-3.114.1

xen-libs: before 4.9.4_34-3.114.1

xen-libs-32bit: before 4.9.4_34-3.114.1

xen-doc-html: before 4.9.4_34-3.114.1

xen-debugsource: before 4.9.4_34-3.114.1

xen: before 4.9.4_34-3.114.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2022/suse-su-20223960-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Resource exhaustion

EUVDB-ID: #VU70581

Risk: Medium

CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-42325

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a malicious guest to perform a denial of service (DoS) attack.

The vulnerability exists due to missing control over the number of created nodes in Xenstore. A malicious guest can consume all available memory resources by created an unlimited number of nodes.

The vulnerability affects the C variant of Xenstore (e.g. xenstored and xenstore-stubdom).

Mitigation

Update the affected package xen to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 12-SP3-BCL

xen-tools-domU-debuginfo: before 4.9.4_34-3.114.1

xen-tools-domU: before 4.9.4_34-3.114.1

xen-tools-debuginfo: before 4.9.4_34-3.114.1

xen-tools: before 4.9.4_34-3.114.1

xen-libs-debuginfo: before 4.9.4_34-3.114.1

xen-libs-debuginfo-32bit: before 4.9.4_34-3.114.1

xen-libs: before 4.9.4_34-3.114.1

xen-libs-32bit: before 4.9.4_34-3.114.1

xen-doc-html: before 4.9.4_34-3.114.1

xen-debugsource: before 4.9.4_34-3.114.1

xen: before 4.9.4_34-3.114.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2022/suse-su-20223960-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Resource exhaustion

EUVDB-ID: #VU70582

Risk: Medium

CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-42326

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a malicious guest to perform a denial of service (DoS) attack.

The vulnerability exists due to missing control over the number of created nodes in Xenstore. A malicious guest can consume all available memory resources by created an unlimited number of nodes.

The vulnerability affects the C variant of Xenstore (e.g. xenstored and xenstore-stubdom).

Mitigation

Update the affected package xen to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 12-SP3-BCL

xen-tools-domU-debuginfo: before 4.9.4_34-3.114.1

xen-tools-domU: before 4.9.4_34-3.114.1

xen-tools-debuginfo: before 4.9.4_34-3.114.1

xen-tools: before 4.9.4_34-3.114.1

xen-libs-debuginfo: before 4.9.4_34-3.114.1

xen-libs-debuginfo-32bit: before 4.9.4_34-3.114.1

xen-libs: before 4.9.4_34-3.114.1

xen-libs-32bit: before 4.9.4_34-3.114.1

xen-doc-html: before 4.9.4_34-3.114.1

xen-debugsource: before 4.9.4_34-3.114.1

xen: before 4.9.4_34-3.114.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2022/suse-su-20223960-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###