{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-42490", "assignerOrgId": "23aa2041-22e1-471f-9209-9b7396fa234f", "state": "PUBLISHED", "assignerShortName": "XEN", "dateReserved": "2026-04-27T14:20:24.139Z", "datePublished": "2026-06-18T13:47:13.257Z", "dateUpdated": "2026-06-18T15:04:50.692Z"}, "containers": {"cna": {"title": "domctl lock open to abuse", "datePublic": "2026-06-09T12:00:00.000Z", "descriptions": [{"lang": "en", "value": "[This CNA information record relates to multiple CVEs; the\ntext explains which aspects/vulnerabilities correspond to which CVE.]\n\nTo create and manage guests, domctl operations are used by the control\ndomain, a possible Xenstore domain, or by a domain controlling a\nparticular guest. Some of these operations may not be executed in\nparallel, so a system-wide lock is used. The way that lock is acquired\nis, however, not providing any fairness. This is CVE-2026-42489.\n\nFurthermore, with XSM/Flask in use, the lock acquire will, for some\noperations, occur ahead of any permission checking. This is\nCVE-2026-42490."}], "impacts": [{"descriptions": [{"lang": "en", "value": "A less privileged entity may stall an equally or more privileged entity,\npotentially leading to a Denial od Service (DoS) of up to the entire\nhost."}]}], "affected": [{"defaultStatus": "unknown", "product": "Xen", "vendor": "Xen", "versions": [{"status": "unknown", "version": "consult Xen advisory XSA-492"}]}], "configurations": [{"lang": "en", "value": "All Xen versions from 3.3 onwards are vulnerable. Earlier versions use\na different locking operation, but may also be vulnerable."}], "workarounds": [{"lang": "en", "value": "There is no known mitigation."}], "credits": [{"lang": "en", "type": "finder", "value": "This issue was discovered by Andrew Cooper of Citrix."}], "references": [{"url": "https://xenbits.xenproject.org/xsa/advisory-492.html"}], "providerMetadata": {"orgId": "23aa2041-22e1-471f-9209-9b7396fa234f", "shortName": "XEN", "dateUpdated": "2026-06-18T13:47:13.257Z"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-667", "lang": "en", "description": "CWE-667 Improper Locking"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-06-18T15:04:47.308725Z", "id": "CVE-2026-42490", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-06-18T15:04:50.692Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-42490", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-06-18T15:04:47.308725Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-667", "description": "CWE-667 Improper Locking"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-06-18T15:04:10.498Z"}}], "cna": {"title": "domctl lock open to abuse", "credits": [{"lang": "en", "type": "finder", "value": "This issue was discovered by Andrew Cooper of Citrix."}], "impacts": [{"descriptions": [{"lang": "en", "value": "A less privileged entity may stall an equally or more privileged entity,\npotentially leading to a Denial od Service (DoS) of up to the entire\nhost."}]}], "affected": [{"vendor": "Xen", "product": "Xen", "versions": [{"status": "unknown", "version": "consult Xen advisory XSA-492"}], "defaultStatus": "unknown"}], "datePublic": "2026-06-09T12:00:00.000Z", "references": [{"url": "https://xenbits.xenproject.org/xsa/advisory-492.html"}], "workarounds": [{"lang": "en", "value": "There is no known mitigation."}], "descriptions": [{"lang": "en", "value": "[This CNA information record relates to multiple CVEs; the\ntext explains which aspects/vulnerabilities correspond to which CVE.]\n\nTo create and manage guests, domctl operations are used by the control\ndomain, a possible Xenstore domain, or by a domain controlling a\nparticular guest. Some of these operations may not be executed in\nparallel, so a system-wide lock is used. The way that lock is acquired\nis, however, not providing any fairness. This is CVE-2026-42489.\n\nFurthermore, with XSM/Flask in use, the lock acquire will, for some\noperations, occur ahead of any permission checking. This is\nCVE-2026-42490."}], "configurations": [{"lang": "en", "value": "All Xen versions from 3.3 onwards are vulnerable. Earlier versions use\na different locking operation, but may also be vulnerable."}], "providerMetadata": {"orgId": "23aa2041-22e1-471f-9209-9b7396fa234f", "shortName": "XEN", "dateUpdated": "2026-06-18T13:47:13.257Z"}}}, "cveMetadata": {"cveId": "CVE-2026-42490", "state": "PUBLISHED", "dateUpdated": "2026-06-18T15:04:50.692Z", "dateReserved": "2026-04-27T14:20:24.139Z", "assignerOrgId": "23aa2041-22e1-471f-9209-9b7396fa234f", "datePublished": "2026-06-18T13:47:13.257Z", "assignerShortName": "XEN"}, "dataVersion": "5.2"}

{}

{}

{"created": "2026-06-18T18:30:15.140080+00:00", "updated": "2026-06-18T18:30:15.140086+00:00", "vendors": []}