Xen Hypervisor x86 Shadow Paging Arbitrary Pointer Deref (CVE-2022-42335)
CVE-2022-42335 Published on April 25, 2023
x86 shadow paging arbitrary pointer dereference In environments where host assisted address translation is necessary but Hardware Assisted Paging (HAP) is unavailable, Xen will run guests in so called shadow mode. Due to too lax a check in one of the hypervisor routines used for shadow page handling it is possible for a guest with a PCI device passed through to cause the hypervisor to access an arbitrary pointer partially under guest control.
Products Associated with CVE-2022-42335
stack.watch emails you whenever new vulnerabilities are published in Citrix Xen Xen or Fedora Project Fedora. Just hit a watch button to start following.
Affected Versions
xen Version consult Xen advisory XSA-430 is unknown by CVE-2022-42335Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.