"value":"All versions of Xen are affected.\n\nOnly systems running the C variant of Xenstore (xenstored or xenstore-\nstubdom) are vulnerable.\n\nSystems using the Ocaml variant of Xenstore (oxenstored) are not vulnerable."
}
]
}
}
},
"credit":{
"credit_data":{
"description":{
"description_data":[
{
"lang":"eng",
"value":"This issue was discovered by David Vrabel of Amazon."
}
]
}
}
},
"data_format":"MITRE",
"data_type":"CVE",
"data_version":"4.0",
"description":{
"description_data":[
{
"lang":"eng",
"value":"Xenstore: Guests can crash xenstored via exhausting the stack\n\nXenstored is using recursion for some Xenstore operations (e.g. for\ndeleting a sub-tree of Xenstore nodes). With sufficiently deep nesting\nlevels this can result in stack exhaustion on xenstored, leading to a\ncrash of xenstored."
}
]
},
"impact":{
"impact_data":{
"description":{
"description_data":[
{
"lang":"eng",
"value":"A malicious guest creating very deep nesting levels of Xenstore nodes\nmight be able to crash xenstored, resulting in a Denial of Service (DoS)\nof Xenstore.\n\nThis will inhibit creation of new guests or changing the configuration of\nalready running guests."
