PT-2022-4166 · Xen+5 · Xen+5

Demi Marie

Published

2022-03-07

Updated

2022-11-29

CVE-2022-23040

CVSS v3.1

7.0

High

Vector

AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Xen (affected versions not specified)

Description The issue is caused by synchronization errors when using a shared resource in the xenbus component of the Xen hypervisor. Exploitation of this issue may allow an attacker to cause a denial of service.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-362

Related Identifiers

ALT-PU-2022-1465

ALT-PU-2022-1466

ALT-PU-2022-1518

ALT-PU-2022-1688

ALT-PU-2022-1713

ALT-PU-2022-1721

ALT-PU-2022-1722

BDU:2022-05009

CVE-2022-23040

DLA-3065-1

MGASA-2022-0100

MGASA-2022-0101

OESA-2022-1621

OPENSUSE-SU-2022:1039-1

OPENSUSE-SU-2022_1039-1

OPENSUSE-SU-2022_1163-1

OPENSUSE-SU-2022_1256-1

SUSE-SU-2022:1038-1

SUSE-SU-2022:1039-1

SUSE-SU-2022:1163-1

SUSE-SU-2022:1196-1

SUSE-SU-2022:1197-1

SUSE-SU-2022:1255-1

SUSE-SU-2022:1256-1

SUSE-SU-2022:1257-1

SUSE-SU-2022:1266-1

SUSE-SU-2022:1267-1

SUSE-SU-2022:1270-1

SUSE-SU-2022:1283-1

SUSE-SU-2022:1402-1

USN-5418-1

USN-5467-1

Affected Products

Alt Linux

Astra Linux

Linuxmint

Suse

Ubuntu

Xen

PT-2022-4166 · Xen+5 · Xen+5

CVE-2022-23040

Weakness Enumeration

Related Identifiers

Affected Products

References · 384