CVE-2022-42326

MEDIUM

Xen >=4.9.0 - Use-After-Free in Xenstore Node Transaction Handling

Title source: llm
STIX 2.1

Description

Xenstore: Guests can create arbitrary number of nodes via transactions T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] In case a node has been created in a transaction and it is later deleted in the same transaction, the transaction will be terminated with an error. As this error is encountered only when handling the deleted node at transaction finalization, the transaction will have been performed partially and without updating the accounting information. This will enable a malicious guest to create arbitrary number of nodes.

References (8)

Core 8
Core References
Mailing List, Patch, Third Party Advisory mailing-list
http://www.openwall.com/lists/oss-security/2022/11/01/11
Third Party Advisory vendor-advisory
https://www.debian.org/security/2022/dsa-5272
Third Party Advisory vendor-advisory
https://security.gentoo.org/glsa/202402-07

Scores

CVSS v3 5.5
EPSS 0.0004
EPSS Percentile 11.9%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-401
Status published
Products (5)
debian/debian_linux 11.0
fedoraproject/fedora 35
fedoraproject/fedora 36
fedoraproject/fedora 37
xen/xen 4.9.0
Published Nov 01, 2022
Tracked Since Feb 18, 2026