XAPI open file limit DoS It is possible for an unauthenticated client on the network to cause XAPI to hit its file-descriptor limit. This causes XAPI to be unable to accept new requests for other (trusted) clients, and blocks XAPI from carrying out any tasks that require the opening of file descriptors.
References
Link | Resource |
---|---|
http://www.openwall.com/lists/oss-security/2022/10/11/4 | Mailing List Patch Third Party Advisory |
http://xenbits.xen.org/xsa/advisory-413.html | Patch Vendor Advisory |
https://security.gentoo.org/glsa/202402-07 | |
https://xenbits.xenproject.org/xsa/advisory-413.txt | Patch Vendor Advisory |
Configurations
History
04 Feb 2024, 08:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
08 Aug 2023, 14:22
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-770 |
14 Oct 2022, 09:23
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://xenbits.xenproject.org/xsa/advisory-413.txt - Patch, Vendor Advisory | |
References | (CONFIRM) http://xenbits.xen.org/xsa/advisory-413.html - Patch, Vendor Advisory | |
References | (MLIST) http://www.openwall.com/lists/oss-security/2022/10/11/4 - Mailing List, Patch, Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.3 |
CWE | CWE-400 | |
First Time |
Xen xapi
Xen |
|
CPE | cpe:2.3:o:xen:xapi:*:*:*:*:*:*:*:* |
11 Oct 2022, 15:16
Type | Values Removed | Values Added |
---|---|---|
References |
|
11 Oct 2022, 13:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-10-11 13:15
Updated : 2024-02-04 08:15
NVD link : CVE-2022-33749
Mitre link : CVE-2022-33749
CVE.ORG link : CVE-2022-33749
JSON object : View
Products Affected
xen
- xapi
CWE
CWE-770
Allocation of Resources Without Limits or Throttling