How severe is CVE-2022-33747?

This vulnerability has a severity rating of LOW with a CVSS score of 3.8 out of 10.

What type of vulnerability is CVE-2022-33747?

This is classified as CWE-404, which is a common weakness in software security.

CVE-2022-33747 - LOW Severity | CVSS 3.8

Vulnerability Description

Arm: unbounded memory consumption for 2nd-level page tables Certain actions require e.g. removing pages from a guest's P2M (Physical-to-Machine) mapping. When large pages are in use to map guest pages in the 2nd-stage page tables, such a removal operation may incur a memory allocation (to replace a large mapping with individual smaller ones). These memory allocations are taken from the global memory pool. A malicious guest might be able to cause the global memory pool to be exhausted by manipulating its own P2M mappings.

Related Vulnerabilities

CVE-2017-1000369

MEDIUM

CVSS:4.0(Medium)

Exim supports the use of multiple "-p" command line arguments which are malloc()'ed and never free()'ed, used in conjunction with other issues allows attackers to cause arbitrary code execution. This ...

CWE-4042017

CVE-2024-11586

MEDIUM

CVSS:4.0(Medium)

Ubuntu's implementation of pulseaudio can be crashed by a malicious program if a bluetooth headset is connected.

CWE-4042024

CVE-2024-47972

MEDIUM

CVSS:4.0(Medium)

Improper resource management in firmware of some Solidigm DC Products may allow an attacker to potentially control the performance of the resource.

CWE-4042024

CVE-2025-25899

LOW

CVSS:3.5(Low)

A buffer overflow vulnerability was discovered in TP-Link TL-WR841ND V11 via the 'gw' parameter at /userRpm/WanDynamicIpV6CfgRpm.htm. This vulnerability allows attackers to cause a Denial of Service (...

CWE-4042025

CVE-2022-23242

MEDIUM

CVSS:4.2(Medium)

TeamViewer Linux versions before 15.28 do not properly execute a deletion command for the connection password in case of a process crash. Knowledge of the crash event and the TeamViewer ID as well as ...

CWE-4042022

CVE-2013-1055

MEDIUM

CVSS:4.3(Medium)

The unity-firefox-extension package could be tricked into dropping a C callback which was still in use, which Firefox would then free, causing Firefox to crash. This could be achieved by adding an act...

CWE-4042013