CVE-2018-15470
Severity: MEDIUM
Xen < 4.11.0 - Denial of Service via Uncontrolled Resource Consumption in oxenstored
Title source: llmDescription
An issue was discovered in Xen through 4.11.x. The logic in oxenstored for handling writes depended on the order of evaluation of expressions making up a tuple. As indicated in section 7.7.3 "Operations on data structures" of the OCaml manual, the order of evaluation of subexpressions is not specified. In practice, different implementations behave differently. Thus, oxenstored may not enforce the configured quota-maxentity. This allows a malicious or buggy guest to write as many xenstore entries as it wishes, causing unbounded memory usage in oxenstored. This can lead to a system-wide DoS.
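The evaluation-order dependence described above, as an added OCaml example that is not Xen's or oxenstored's own code: a write path whose tuple both performs the write and reads the flag the write sets, next to the sequenced form that a fix of this kind uses. The names (`apply_write`, `path_write_*`, `entries`), the quota of 2 and the single simulated domain are constructed for illustration.

```ocaml
(* Constructed toy model of the oxenstored write path; not Xen's own code.
   [quota_maxentity], [entries], [apply_write] and [path_write_*] are
   hypothetical names standing in for the real store and quota logic. *)
let quota_maxentity = 2

(* Number of entries the (single, simulated) domain currently owns. *)
let entries = ref 0

(* Simulated store update: creates the node and records that it did so. *)
let apply_write node_created path value =
  node_created := true;
  (path, value)

(* Vulnerable shape: one tuple both performs the write and reads the flag the
   write sets. OCaml does not specify the order in which tuple components are
   evaluated (manual section 7.7.3); the mainline compilers in practice evaluate
   them right to left, so [!node_created] is read before [apply_write] runs. *)
let path_write_vulnerable path value =
  let node_created = ref false in
  (apply_write node_created path value, !node_created)

(* Fixed shape: sequence the side effect with [let ... in] so the flag is read
   only after the write has happened, whatever order the compiler picks. *)
let path_write_fixed path value =
  let node_created = ref false in
  let store = apply_write node_created path value in
  (store, !node_created)

(* Caller: charge the new entry against quota-maxentity. With the vulnerable
   shape [created] never becomes true, so the quota is never charged. *)
let write path_write path value =
  let _store, created = path_write path value in
  if created then begin
    if !entries >= quota_maxentity then failwith "quota-maxentity exceeded";
    incr entries
  end

let run label path_write =
  entries := 0;
  (try
     List.iter (fun i -> write path_write "/local/domain/1/key" (string_of_int i))
       [1; 2; 3; 4];
     Printf.printf "%s: 4 writes accepted, %d entries charged\n" label !entries
   with Failure msg ->
     Printf.printf "%s: rejected after %d entries (%s)\n" label !entries msg)

let () =
  run "vulnerable" path_write_vulnerable;
  run "fixed" path_write_fixed
```

Compile with `ocamlfind ocamlopt` or run under `ocaml`; the vulnerable variant accepts every write without charging the quota, the fixed variant rejects the third write.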
References (3)
- Third Party Advisory (vendor-advisory, x_refsource_gentoo): https://security.gentoo.org/glsa/201810-06
- Mailing List (mailing-list, x_refsource_mlist): https://lists.debian.org/debian-lts-announce/2018/11/msg00013.html
- Vendor Advisory (x_refsource_misc): http://xenbits.xen.org/xsa/advisory-272.html
Scores
CVSS v3: 6.5
EPSS: 0.0018
EPSS Percentile: 39.5%
Attack Vector: LOCAL
CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Details
CWE: CWE-400
Status: published
Products (1): xen/xen < 4.11.0
Published: Aug 17, 2018
Tracked Since: Feb 18, 2026