PT-2017-2369 · Xen+2 · Xen+2

Jann Horn

Published

2017-04-04

Updated

2019-10-03

CVE-2017-7228

CVSS v3.1

8.2

High

Vector

AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Xen versions 4.4.x through 4.8.x

Description The issue is related to inadequate access control in the Xen hypervisor. It allows a local attacker to access hypervisor memory outside of the guest-provided input/output arrays due to insufficient checking of XENMEM exchange input, which was introduced by the earlier XSA-29 fix.

Recommendations For versions 4.4.x through 4.8.x, apply the available fixes to resolve the issue. As a temporary workaround, consider restricting access to the XENMEM exchange input to minimize the risk of exploitation.

Exploit

Fix

Improper Validation of Array Index

Improper Access Control

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-129CWE-284

Related Identifiers

ALT-PU-2017-1483

BDU:2017-01569

CVE-2017-7228

DLA-907-1

DSA-3847-1

OPENSUSE-SU-2017_1078-1

SUSE-SU-2017:0983-1

SUSE-SU-2017:1058-1

SUSE-SU-2017:1080-1

SUSE-SU-2017:1081-1

Affected Products

Alt Linux

Suse

Xen

PT-2017-2369 · Xen+2 · Xen+2

CVE-2017-7228

Weakness Enumeration

Related Identifiers

Affected Products

References · 62