PT-2022-4540 · Unknown+5 · Xen Hypervisor+5

Demi Marie

Published

2022-03-10

Updated

2022-11-29

CVE-2022-23036

CVSS v3.1

7.0

High

Vector

AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Xen hypervisor (affected versions not specified)

Description The issue is caused by synchronization errors when using a shared resource in the blkfront driver of the Xen hypervisor. Exploitation of this issue may allow an attacker to cause a denial of service.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-362

Related Identifiers

ALT-PU-2022-1465

ALT-PU-2022-1466

ALT-PU-2022-1518

ALT-PU-2022-1688

ALT-PU-2022-1713

ALT-PU-2022-1721

ALT-PU-2022-1722

BDU:2022-05410

CVE-2022-23036

DLA-3065-1

MGASA-2022-0100

MGASA-2022-0101

OESA-2022-1631

OPENSUSE-SU-2022:1039-1

OPENSUSE-SU-2022_1039-1

OPENSUSE-SU-2022_1163-1

OPENSUSE-SU-2022_1256-1

SUSE-SU-2022:1038-1

SUSE-SU-2022:1039-1

SUSE-SU-2022:1163-1

SUSE-SU-2022:1196-1

SUSE-SU-2022:1197-1

SUSE-SU-2022:1255-1

SUSE-SU-2022:1256-1

SUSE-SU-2022:1257-1

SUSE-SU-2022:1266-1

SUSE-SU-2022:1267-1

SUSE-SU-2022:1270-1

SUSE-SU-2022:1283-1

SUSE-SU-2022:1402-1

USN-5418-1

USN-5467-1

Affected Products

Alt Linux

Astra Linux

Linuxmint

Suse

Ubuntu

Xen Hypervisor

PT-2022-4540 · Unknown+5 · Xen Hypervisor+5

CVE-2022-23036

Weakness Enumeration

Related Identifiers

Affected Products

References · 366