QwikSec

Security Database

CVE

CWE

Training

CVE-2022-42310

Published: Nov 1, 2022

Modified: Aug 3, 2024

PUBLISHED

Description

Xenstore: Guests can create orphaned Xenstore nodes By creating multiple nodes inside a transaction resulting in an error, a malicious guest can create orphaned nodes in the Xenstore data base, as the cleanup after the error will not remove all nodes already created. When the transaction is committed after this situation, nodes without a valid parent can be made permanent in the data base.

Vendor	Product	Versions
Xen	xen	unknown `consult Xen advisory XSA-415`

References

https://xenbits.xenproject.org/xsa/advisory-415.txt

http://xenbits.xen.org/xsa/advisory-415.html

[oss-security] 20221101 Xen Security Advisory 415 v2 (CVE-2022-42310) - Xenstore: Guests can create orphaned Xenstore nodes

mailing-list

vendor-advisory

FEDORA-2022-07438e12df

vendor-advisory

FEDORA-2022-99af00f60e

vendor-advisory

FEDORA-2022-9f51d13fa3

vendor-advisory

vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.