#VU70468 Input validation error in Xen - CVE-2022-3643

Cybersecurity Help s.r.o.

Published: 2022-12-21

Vulnerability identifier: #VU70468

Vulnerability risk: Medium

CVSSv4.0: 5.6 [CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:U/U:Green]

CVE-ID: CVE-2022-3643

CWE-ID: CWE-20

Exploitation vector: Local network

Exploit availability: No

Vulnerable software:
Xen
Server applications / Virtualization software

Vendor: Xen Project

Description

The vulnerability allows an attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of network packets. An attacker with access to the guest OS can trigger the related physical NIC on the host to reset, abort, or crash by sending certain kinds of packets.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Xen: All versions

External links
http://xenbits.xenproject.org/xsa/advisory-423.txt
http://www.openwall.com/lists/oss-security/2022/12/07/2

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Amazon Linux AMI update for kernel

Ubuntu Kernel Live Patch

Multiple vulnerabilities in Dell Data Protection Central

Multiple vulnerabilities in Dell EMC SRM and Dell EMC Storage Monitoring and Reporting (SMR)

Amazon Linux AMI update for kernel

Multiple vulnerabilities in Dell EMC VxRail Appliance

Ubuntu update for linux-bluefield

Multiple vulnerabilities in Dell Cloud Tiering Appliance

Multiple vulnerabilities in Dell Secure Connect Gateway

Slackware Linux update for kernel