CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-15593
https://notcve.org/view.php?id=CVE-2017-15593
An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (memory leak) because reference counts are mishandled. Se ha descubierto un problema en Xen hasta las versiones 4.9.x que permite que usuarios invitados del sistema operativo x86 PV provoquen una denegación de servicio (fuga de memoria) debido a que se gestiona de manera incorrecta el recuento de referencias. • http://www.securitytracker.com/id/1039568 https://lists.debian.org/debian-lts-announce/2017/11/msg00027.html https://lists.debian.org/debian-lts-announce/2018/10/msg00021.html https://security.gentoo.org/glsa/201801-14 https://support.citrix.com/article/CTX228867 https://www.debian.org/security/2017/dsa-4050 https://xenbits.xen.org/xsa/advisory-242.html • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-15594
https://notcve.org/view.php?id=CVE-2017-15594
An issue was discovered in Xen through 4.9.x allowing x86 SVM PV guest OS users to cause a denial of service (hypervisor crash) or gain privileges because IDT settings are mishandled during CPU hotplugging. Se ha descubierto un problema en Xen hasta las versiones 4.9.x que permite que usuarios invitados del sistema operativo x86 SVM PV provoquen una denegación de servicio (cierre inesperado del hipervisor) o que puedan obtener privilegios debido a que se gestionó de manera incorrecta la configuración IDT durante la conexión directa a la CPU. • http://www.securitytracker.com/id/1039568 https://lists.debian.org/debian-lts-announce/2018/10/msg00021.html https://security.gentoo.org/glsa/201801-14 https://support.citrix.com/article/CTX228867 https://www.debian.org/security/2017/dsa-4050 https://xenbits.xen.org/xsa/advisory-244.html •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2017-15595 – Xen - Pagetable De-typing Unbounded Recursion
https://notcve.org/view.php?id=CVE-2017-15595
An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (unbounded recursion, stack consumption, and hypervisor crash) or possibly gain privileges via crafted page-table stacking. Se ha descubierto un problema en Xen hasta las versiones 4.9.x que permite que usuarios invitados del sistema operativo x86 PV provoquen una denegación de servicio (recursión infinita consumo de pila y cierre inesperado del hipervisor) o que puedan obtener privilegios mediante el apilamiento manipulado de tablas de paginación. • https://www.exploit-db.com/exploits/43014 https://lists.debian.org/debian-lts-announce/2017/11/msg00027.html https://lists.debian.org/debian-lts-announce/2018/10/msg00021.html https://security.gentoo.org/glsa/201801-14 https://support.citrix.com/article/CTX228867 https://www.debian.org/security/2017/dsa-4050 https://xenbits.xen.org/xsa/advisory-240.html • CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-14316
https://notcve.org/view.php?id=CVE-2017-14316
A parameter verification issue was discovered in Xen through 4.9.x. The function `alloc_heap_pages` allows callers to specify the first NUMA node that should be used for allocations through the `memflags` parameter; the node is extracted using the `MEMF_get_node` macro. While the function checks to see if the special constant `NUMA_NO_NODE` is specified, it otherwise does not handle the case where `node >= MAX_NUMNODES`. This allows an out-of-bounds access to an internal array. Existe un problema de verificación de parámetros en Xen hasta la versión 4.9.x. • http://www.securityfocus.com/bid/100818 http://www.securitytracker.com/id/1039348 http://xenbits.xen.org/xsa/advisory-231.html https://lists.debian.org/debian-lts-announce/2018/10/msg00009.html https://support.citrix.com/article/CTX227185 https://www.debian.org/security/2017/dsa-4050 • CWE-125: Out-of-bounds Read •
CVSS: 5.6EPSS: 0%CPEs: 1EXPL: 0CVE-2017-14317
https://notcve.org/view.php?id=CVE-2017-14317
A domain cleanup issue was discovered in the C xenstore daemon (aka cxenstored) in Xen through 4.9.x. When shutting down a VM with a stubdomain, a race in cxenstored may cause a double-free. The xenstored daemon may crash, resulting in a DoS of any parts of the system relying on it (including domain creation / destruction, ballooning, device changes, etc.). Se ha descubierto un problema de limpieza de dominio en el demonio C xenstore (también conocido como cxenstored) en Xen hasta la versión 4.9.x. Cuando se apaga una VM con un dominio stub, una carrera en cxenstored podría causar una liberación doble (double-free). • http://www.securityfocus.com/bid/100826 http://www.securitytracker.com/id/1039350 http://xenbits.xen.org/xsa/advisory-233.html https://lists.debian.org/debian-lts-announce/2018/10/msg00009.html https://www.debian.org/security/2017/dsa-4050 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •