CVE-2022-33746
CVE-2022-33746
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado
Lifecycle
11 Oct 2022Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
P2M pool freeing may take excessively long The P2M pool backing second level address translation for guests may be of significant size. Therefore its freeing may take more time than is reasonable without intermediate preemption checks. Such checking for the need to preempt was so far missing.
Affected products
Xen · xenWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TJOMUNGW6VTK5CZZRLWLVVEOUPEQBRHI/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWSC77GS5NATI3TT7FMVPULUPXR635XQ/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZVXG7OOOXCX6VIPEMLFDPIPUTFAYWPE/https://security.gentoo.org/glsa/202402-07https://www.debian.org/security/2022/dsa-5272https://xenbits.xenproject.org/xsa/advisory-410.txthttp://www.openwall.com/lists/oss-security/2022/10/11/3http://xenbits.xen.org/xsa/advisory-410.html