CVE-2022-42330

HIGH Year: 2022
CVSS v3 Score
7.5
High
Weakness Type
NVD-CWE-Other
View all →

Vulnerability Description

Guests can cause Xenstore crash via soft reset When a guest issues a "Soft Reset" (e.g. for performing a kexec) the libxl based Xen toolstack will normally perform a XS_RELEASE Xenstore operation. Due to a bug in xenstored this can result in a crash of xenstored. Any other use of XS_RELEASE will have the same impact.

Related Vulnerabilities

CVE-1999-0236

HIGH
CVSS:7.5(High)

ScriptAlias directory in NCSA and Apache httpd allowed attackers to read CGI programs.

NVD-CWE-Other1999

CVE-2003-1604

HIGH
CVSS:7.5(High)

The redirect_target function in net/ipv4/netfilter/ipt_REDIRECT.c in the Linux kernel before 2.6.0 allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by sending p...

NVD-CWE-Other2003

CVE-2007-3816

HIGH
CVSS:7.5(High)

JWIG might allow context-dependent attackers to cause a denial of service (service degradation) via loops of references to external templates. NOTE: this issue has been disputed by multiple third part...

NVD-CWE-Other2007

CVE-2010-3035

HIGH
CVSS:7.5(High)

Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not properly handle unrecognized transitive attributes, which allows remote attackers to cause a denial of service (peering reset) via a cra...

NVD-CWE-Other2010

CVE-2011-2699

HIGH
CVSS:7.5(High)

The IPv6 implementation in the Linux kernel before 3.1 does not generate Fragment Identification values separately for each destination, which makes it easier for remote attackers to cause a denial of...

NVD-CWE-Other2011

CVE-2011-4115

HIGH
CVSS:7.5(High)

Parallel::ForkManager module before 1.0.0 for Perl does not properly handle temporary files.

NVD-CWE-Other2011