PT-2017-3163 · Xen+1 · Xen+1

Publicado

2017-10-24

Atualizado

2019-10-03

CVE-2017-15597

CVSS v3.1

9.1

Crítica

Vetor

AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Xen versions prior to 4.10

Description A problem has been discovered in the grant copying code, where it was assumed that any grant pin would be accompanied by a suitable page reference. However, this assumption is incorrect when the grant copy operation is performed on a grant of a dying domain. This can cause hypervisor memory corruption, likely resulting in a host crash and denial of service. It is also possible that an attacker could escalate privileges or leak protected information.

Recommendations For Xen versions prior to 4.10, update to a newer version to mitigate the risk of exploitation. As a temporary workaround, consider restricting access to the grant copying functionality to minimize the risk of exploitation.

Correção

DoS

Buffer Overflow

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119CWE-200CWE-264

Identificadores relacionados

BDU:2017-02575

CVE-2017-15597

DLA-1549-1

DSA-4050-1

OPENSUSE-SU-2017_3193-1

OPENSUSE-SU-2017_3194-1

SUSE-SU-2017:3115-1

SUSE-SU-2017:3178-1

SUSE-SU-2017:3212-1

SUSE-SU-2017:3236-1

SUSE-SU-2017:3239-1

SUSE-SU-2017:3242-1

Produtos afetados

Suse

Xen

PT-2017-3163 · Xen+1 · Xen+1

CVE-2017-15597

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 46