Home > Vulnerability Database > CVE-2022-33746

Mend.io Vulnerability Database

CVE-2022-33746

Date: October 10, 2022

P2M pool freeing may take excessively long The P2M pool backing second level address translation for guests may be of significant size. Therefore its freeing may take more time than is reasonable without intermediate preemption checks. Such checking for the need to preempt was so far missing.

Language: C

Severity Score

6.5

Related Resources (14)

Url: https://security.gentoo.org/glsa/202402-07

Url: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TJOMUNGW6VTK5CZZRLWLVVEOUPEQBRHI/

Url: http://xenbits.xen.org/xsa/advisory-410.html

Url: http://www.openwall.com/lists/oss-security/2022/10/11/3

Url: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWSC77GS5NATI3TT7FMVPULUPXR635XQ/

Url: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TJOMUNGW6VTK5CZZRLWLVVEOUPEQBRHI/

Url: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZVXG7OOOXCX6VIPEMLFDPIPUTFAYWPE/

Url: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XWSC77GS5NATI3TT7FMVPULUPXR635XQ/

Url: https://nvd.nist.gov/vuln/detail/CVE-2022-33746

Url: https://xenbits.xenproject.org/xsa/advisory-410.txt

Url: https://security-tracker.debian.org/tracker/CVE-2022-33746

Url: https://www.debian.org/security/2022/dsa-5272

Url: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YZVXG7OOOXCX6VIPEMLFDPIPUTFAYWPE/

Url: https://www.mend.io/vulnerability-database/CVE-2022-33746

Severity Score

6.5

Weakness Type (CWE)

Improper Resource Shutdown or Release

CWE-404

Uncontrolled Resource Consumption ('Resource Exhaustion')

CWE-400

CVSS v3.1

Base Score:	6.5
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	CHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2022-33746

Date: October 10, 2022

Language: C

Severity Score

Related Resources (14)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?