VDB
CVE-2022-33747
CVE-2022-33747
PUBLISHED
In Xen und Citrix Hypervisor existieren mehrere Schwachstellen. Die Fehler bestehen in der Erschöpfung des Arbeitsspeichers, dem vorübergehenden Blockieren der CPU, einem eingebauten Denial of Service, dem Blockieren von Verbindungen zur XAPI-HTTP-Schnittstelle und der Unterbrechung laufender Operationen. Ein Angreifer aus dem angrenzenden Netzwerk kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand auszulösen.
EPSS 0.03% · 8.9th percentile
Risk Scores
EPSS Score
0.03%
8.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| SUSE | SUSE Linux | |
| Open Source | Open Source Xen 4.15.x | |
| Debian | Debian Linux | |
| Citrix Systems | Citrix Systems Hypervisor 8.2 LTSR CU1 | |
| Open Source | Open Source Xen xsa413 | |
| Open Source | Open Source Xen 4.13.x | |
| Gentoo | Gentoo Linux | |
| Open Source | Open Source Xen 4.14.x | |
| Open Source | Open Source Xen 4.16.x |
Timeline
- Oct 11, 2022 CVE Published
- Oct 12, 2022 EPSS Score
- Nov 25, 2022 EPSS Score
- Jan 8, 2023 EPSS Score
- Feb 21, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 6, 2023 EPSS Score
- May 20, 2023 EPSS Score
- Jul 3, 2023 EPSS Score
- Aug 16, 2023 EPSS Score
- Sep 29, 2023 EPSS Score
- Nov 12, 2023 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-1680.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1680 advisory
- https://xenbits.xen.org/xsa/advisory-409.html advisory
- https://xenbits.xen.org/xsa/advisory-410.html advisory
- https://xenbits.xen.org/xsa/advisory-411.html advisory
- https://xenbits.xen.org/xsa/advisory-413.html advisory
- https://support.citrix.com/article/CTX465146/citrix-hypervisor-security-bulletin-for-cve202233748-cve202233749 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2022-October/012580.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2022-October/012670.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2022-October/012667.html advisory
- https://lists.debian.org/debian-security-announce/2022/msg00242.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2022-November/012859.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2022-November/012866.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2022-November/012906.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2022-November/012910.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2022-November/012939.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2022-November/012964.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2022-November/013122.html advisory
- https://oss.oracle.com/pipermail/oraclevm-errata/2022-December/001065.html advisory
- https://security.gentoo.org/glsa/202402-07 advisory