CVE-2022-42319EPSS p18.3%

CVE-2022-42319CVE-2022-42319

xen / xen

Description

Xenstore: Guests can cause Xenstore to not free temporary memory When working on a request of a guest, xenstored might need to allocate quite large amounts of memory temporarily. This memory is freed only after the request has been finished completely. A request is regarded to be finished only after the guest has read the response message of the request from the ring page. Thus a guest not reading the response can cause xenstored to not free the temporary memory. This can result in memory shortages causing Denial of Service (DoS) of xenstored.

Scoring

CVSS 6.5 ()
VectorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
EPSS0.27% probability of exploitation · percentile 18.3% · 2026-06-19T12:03:05Z
Last modified2026-06-17
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.