{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2022-42330","assignerOrgId":"23aa2041-22e1-471f-9209-9b7396fa234f","assignerShortName":"XEN","dateUpdated":"2024-08-03T13:03:45.923Z","dateReserved":"2022-10-03T00:00:00.000Z","datePublished":"2023-01-26T00:00:00.000Z"},"containers":{"cna":{"providerMetadata":{"orgId":"23aa2041-22e1-471f-9209-9b7396fa234f","shortName":"XEN","dateUpdated":"2024-02-04T08:07:26.439Z"},"descriptions":[{"lang":"en","value":"Guests can cause Xenstore crash via soft reset When a guest issues a \"Soft Reset\" (e.g. for performing a kexec) the libxl based Xen toolstack will normally perform a XS_RELEASE Xenstore operation. Due to a bug in xenstored this can result in a crash of xenstored. Any other use of XS_RELEASE will have the same impact."}],"affected":[{"vendor":"Xen","product":"xen","versions":[{"version":"consult Xen advisory XSA-425","status":"unknown"}]}],"references":[{"url":"https://xenbits.xenproject.org/xsa/advisory-425.txt"},{"name":"GLSA-202402-07","tags":["vendor-advisory"],"url":"https://security.gentoo.org/glsa/202402-07"}],"metrics":[{"other":{"type":"unknown","content":{"description":{"description_data":[{"lang":"eng","value":"A malicious guest could try to kexec until it hits the xenstored bug,\nresulting in the inability to perform any further domain administration\nlike starting new guests, or adding/removing resources to or from any\nexisting guest."}]}}}}],"problemTypes":[{"descriptions":[{"type":"text","lang":"en","description":"unknown"}]}]},"adp":[{"title":"CVE Program Container","references":[{"url":"http://xenbits.xen.org/xsa/advisory-425.html"},{"url":"https://xenbits.xenproject.org/xsa/advisory-425.txt","tags":["x_transferred"]},{"name":"GLSA-202402-07","tags":["vendor-advisory","x_transferred"],"url":"https://security.gentoo.org/glsa/202402-07"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-03T13:03:45.923Z"}}]}}