CVE-2022-33749
MEDIUMXAPI - Unauthenticated Denial of Service via File Descriptor Exhaustion
Title source: llmDescription
XAPI open file limit DoS It is possible for an unauthenticated client on the network to cause XAPI to hit its file-descriptor limit. This causes XAPI to be unable to accept new requests for other (trusted) clients, and blocks XAPI from carrying out any tasks that require the opening of file descriptors.
References (4)
Core 4
Core References
Mailing List, Patch, Third Party Advisory mailing-list
http://www.openwall.com/lists/oss-security/2022/10/11/4
Third Party Advisory vendor-advisory
https://security.gentoo.org/glsa/202402-07
Patch, Vendor Advisory
http://xenbits.xen.org/xsa/advisory-413.html
Patch, Vendor Advisory
https://xenbits.xenproject.org/xsa/advisory-413.txt
Scores
CVSS v3
5.3
EPSS
0.0030
EPSS Percentile
53.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Details
CWE
CWE-770
Status
published
Products (1)
xen/xapi
Published
Oct 11, 2022
Tracked Since
Feb 18, 2026