CVE-2022-42320 - How Xenstore Leaks Old Domain Access and How it Can Be Exploited
Security flaws in the virtualization stack often have long and surprising after-effects. CVE-2022-42320 is a prime example of how a small detail in access control
CVE-2022-42314 - How Xenstore Memory Exploit Lets Guests Crash Your Xen Servers
If you use Xen virtualization in your infrastructure, you might already know that Xenstore is the central database where various parts of Xen—including virtual
CVE-2022-42309 - How a Malicious Guest Can Crash Xenstore — Deep Dive and Exploit Example
In late 2022, a new vulnerability shook the virtualization world: CVE-2022-42309. This bug gave malicious guests in Xen-based virtual environments a way to crash xenstored—
CVE-2022-42310 - Understanding the Xenstore Orphaned Nodes Vulnerability and How It Can Be Exploited
TL;DR: This post explains CVE-2022-42310, a flaw in Xen where guests can create orphaned nodes in Xenstore, possibly affecting the stability and security of
CVE-2022-42323 - Xenstore Node Explosion – How Guests Can Fill Dom’s Quota
*CVE-2022-42323* highlights a weakness in the Xen Hypervisor’s Xenstore service, uncovering how two collaborating virtual machines (VMs), or “guests,” can fill the hypervisor’s
Episode
00:00:00
00:00:00