Xapi
Monthly
Denial-of-service and database-corruption in Xen's XAPI toolstack (the XenAPI management layer used by XCP-ng and Citrix/XenServer Hypervisor) lets clients that submit object updates crash the database event thread or write strings that permanently prevent the database from loading. Three distinct input-validation defects are covered by XSA-474: notifications built from unsanitised input, a UTF-8 encoder that follows Unicode 3.0 while dependent libraries enforce the stricter 3.1 spec, and a total absence of sanitisation for Map/Set object updates. No public exploit has been identified at time of analysis and it is not on CISA KEV; the CVSS 4.0 base score is 9.4.
For a brief summary of Xapi terminology, see: https://xapi-project.github.io/xen-api/overview.html#object-model-overview Xapi contains functionality to backup and restore metadata about Virtual. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity.
XAPI open file limit DoS It is possible for an unauthenticated client on the network to cause XAPI to hit its file-descriptor limit. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.
An issue was discovered in Xen XAPI before 2020-12-15. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.
Denial-of-service and database-corruption in Xen's XAPI toolstack (the XenAPI management layer used by XCP-ng and Citrix/XenServer Hypervisor) lets clients that submit object updates crash the database event thread or write strings that permanently prevent the database from loading. Three distinct input-validation defects are covered by XSA-474: notifications built from unsanitised input, a UTF-8 encoder that follows Unicode 3.0 while dependent libraries enforce the stricter 3.1 spec, and a total absence of sanitisation for Map/Set object updates. No public exploit has been identified at time of analysis and it is not on CISA KEV; the CVSS 4.0 base score is 9.4.
For a brief summary of Xapi terminology, see: https://xapi-project.github.io/xen-api/overview.html#object-model-overview Xapi contains functionality to backup and restore metadata about Virtual. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity.
XAPI open file limit DoS It is possible for an unauthenticated client on the network to cause XAPI to hit its file-descriptor limit. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.
An issue was discovered in Xen XAPI before 2020-12-15. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.