PT-2018-13037 · Xen+1 · Xen+1

王磊

Publicado

2018-08-16

Atualizado

2024-06-15

CVE-2018-15469

CVSS v3.1

6.5

Média

Vetor

AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Xen versions prior to 4.12

Description An issue in Xen allows an unprivileged guest to cause a denial-of-service (crash) in the hypervisor. This occurs because ARM never properly implemented grant table v2, either in the hypervisor or in Linux, but an ARM guest can still request v2 grant tables. When these are not properly set up, subsequent grant-related hypercalls will hit BUG() checks, resulting in a crash.

Recommendations For Xen versions prior to 4.12, update to version 4.12 or later to resolve the issue.

Correção

DoS

Resource Exhaustion

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-400

Identificadores relacionados

CVE-2018-15469

DLA-1577-1

DSA-4274-1

OPENSUSE-SU-2018_4304-1

OPENSUSE-SU-2024:11520-1

SUSE-SU-2018:3490-1

SUSE-SU-2018:4300-1

Produtos afetados

Suse

Xen

PT-2018-13037 · Xen+1 · Xen+1

CVE-2018-15469

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 130