Oval Definition:	oval:org.opensuse.security:def:202242309
Revision Date: 2023-06-22 Version: 1 Title: CVE-2022-42309 Description: Xenstore: Guests can crash xenstored Due to a bug in the fix of XSA-115 a malicious guest can cause xenstored to use a wrong pointer during node creation in an error path, resulting in a crash of xenstored or a memory corruption in xenstored causing further damage. Entering the error path can be controlled by the guest e.g. by exceeding the quota value of maximum nodes per domain. Family: unix Class: vulnerability Status: Reference(s): Mitre CVE-2022-42309 SUSE CVE-2022-42309 SUSE-IU-2022:1124-1 SUSE-IU-2022:1130-1 SUSE-IU-2022:1131-1 SUSE-IU-2022:1132-1 SUSE-IU-2022:1133-1 SUSE-IU-2022:1134-1 SUSE-IU-2022:1148-1 SUSE-SU-2022:3925-1 SUSE-SU-2022:3928-1 SUSE-SU-2022:3947-1 SUSE-SU-2022:3960-1 SUSE-SU-2022:3971-1 SUSE-SU-2022:4007-1 SUSE-SU-2022:4051-1 SUSE-SU-2022:4241-1 SUSE-SU-2022:4332-1 Platform(s): SUSE Linux Enterprise Desktop 15 SP5 SUSE Linux Enterprise High Performance Computing 15 SP5 SUSE Linux Enterprise Micro 5.3 SUSE Linux Enterprise Module for Basesystem 15 SP5 SUSE Linux Enterprise Server 15 SP5 SUSE Linux Enterprise Server for SAP Applications 15 SP5 Product(s): Definition Synopsis SUSE Linux Enterprise Micro 5.3 is installed AND xen-libs-4.16.2_08-150400.4.16.1 is installed Definition Synopsis Release Information SUSE Linux Enterprise Desktop 15 SP5 is installed OR SUSE Linux Enterprise High Performance Computing 15 SP5 is installed OR SUSE Linux Enterprise Module for Basesystem 15 SP5 is installed OR SUSE Linux Enterprise Server 15 SP5 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 SP5 is installed AND Package Information xen-libs-4.17.0_06-150500.1.10 is installed OR xen-tools-domU-4.17.0_06-150500.1.10 is installed
BACK