PT-2017-11604 · Xen+1 · Xen+1
Jann Horn
·
Published
2017-07-05
·
Updated
2017-11-04
·
CVE-2017-10914
CVSS v3.1
8.1
High
| Vector | AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Xen versions prior to 4.9
Description
The issue is related to a race condition in the grant-table feature, which can lead to a double free. This can cause a denial of service due to memory consumption, or potentially allow attackers to obtain sensitive information or gain privileges.
Recommendations
For versions prior to 4.9, update to version 4.9 or later to resolve the issue.
Fix
DoS
Race Condition
Double Free
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Suse
Xen