CVE-2017-12855
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Xen maintains the _GTF_{read,writ}ing bits as appropriate, to inform the guest that a grant is in use. A guest is expected not to modify the grant details while it is in use, whereas the guest is free to modify/reuse the grant entry when it is not in use. Under some circumstances, Xen will clear the status bits too early, incorrectly informing the guest that the grant is no longer in use. A guest may prematurely believe that a granted frame is safely private again, and reuse it in a way which contains sensitive information, while the domain on the far end of the grant is still using the grant. Xen 4.9, 4.8, 4.7, 4.6, and 4.5 are affected.
Xen mantiene los bits _GTF_{read,writ}ing como apropiados para informar al invitado de que se está empleando una sentencia grant. Se espera que el invitado no modifique los detalles de la sentencia grant mientras se está utilizando, aunque puede modificar/reusar la entrada grant cuando no está en uso. Bajo algunas circunstancias, Xen limpiará los bits de estado demasiado pronto, informando al invitado de forma incorrecta que la sentencia grant ya no se está utilizando. Un invitado podría creer prematuramente que un marco de concesión vuelve a ser privado de forma segura y reutilizarlo de forma que contenga información sensible, mientras que el dominio en el extremo de la sentencia grant sigue utilizándola. Xen 4.9, 4.8, 4.7, 4.6, y 4.5 se han visto afectadas.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-08-15 CVE Reserved
- 2017-08-15 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (5)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/100341 | Third Party Advisory | |
| http://www.securitytracker.com/id/1039177 | Third Party Advisory | |
| https://support.citrix.com/article/CTX225941 | X_refsource_confirm |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.debian.org/security/2017/dsa-3969 | 2017-11-15 | |
| http://xenbits.xen.org/xsa/advisory-230.html | 2017-11-15 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Xen Search vendor "Xen" | Xen Search vendor "Xen" for product "Xen" | 4.5.0 Search vendor "Xen" for product "Xen" and version "4.5.0" | - |
Affected
| ||||||
| Xen Search vendor "Xen" | Xen Search vendor "Xen" for product "Xen" | 4.5.1 Search vendor "Xen" for product "Xen" and version "4.5.1" | - |
Affected
| ||||||
| Xen Search vendor "Xen" | Xen Search vendor "Xen" for product "Xen" | 4.5.2 Search vendor "Xen" for product "Xen" and version "4.5.2" | - |
Affected
| ||||||
| Xen Search vendor "Xen" | Xen Search vendor "Xen" for product "Xen" | 4.5.3 Search vendor "Xen" for product "Xen" and version "4.5.3" | - |
Affected
| ||||||
| Xen Search vendor "Xen" | Xen Search vendor "Xen" for product "Xen" | 4.5.5 Search vendor "Xen" for product "Xen" and version "4.5.5" | - |
Affected
| ||||||
| Xen Search vendor "Xen" | Xen Search vendor "Xen" for product "Xen" | 4.6.0 Search vendor "Xen" for product "Xen" and version "4.6.0" | - |
Affected
| ||||||
| Xen Search vendor "Xen" | Xen Search vendor "Xen" for product "Xen" | 4.6.1 Search vendor "Xen" for product "Xen" and version "4.6.1" | - |
Affected
| ||||||
| Xen Search vendor "Xen" | Xen Search vendor "Xen" for product "Xen" | 4.6.3 Search vendor "Xen" for product "Xen" and version "4.6.3" | - |
Affected
| ||||||
| Xen Search vendor "Xen" | Xen Search vendor "Xen" for product "Xen" | 4.6.4 Search vendor "Xen" for product "Xen" and version "4.6.4" | - |
Affected
| ||||||
| Xen Search vendor "Xen" | Xen Search vendor "Xen" for product "Xen" | 4.6.5 Search vendor "Xen" for product "Xen" and version "4.6.5" | - |
Affected
| ||||||
| Xen Search vendor "Xen" | Xen Search vendor "Xen" for product "Xen" | 4.6.6 Search vendor "Xen" for product "Xen" and version "4.6.6" | - |
Affected
| ||||||
| Xen Search vendor "Xen" | Xen Search vendor "Xen" for product "Xen" | 4.7.0 Search vendor "Xen" for product "Xen" and version "4.7.0" | - |
Affected
| ||||||
| Xen Search vendor "Xen" | Xen Search vendor "Xen" for product "Xen" | 4.7.1 Search vendor "Xen" for product "Xen" and version "4.7.1" | - |
Affected
| ||||||
| Xen Search vendor "Xen" | Xen Search vendor "Xen" for product "Xen" | 4.7.2 Search vendor "Xen" for product "Xen" and version "4.7.2" | - |
Affected
| ||||||
| Xen Search vendor "Xen" | Xen Search vendor "Xen" for product "Xen" | 4.7.3 Search vendor "Xen" for product "Xen" and version "4.7.3" | - |
Affected
| ||||||
| Xen Search vendor "Xen" | Xen Search vendor "Xen" for product "Xen" | 4.8.0 Search vendor "Xen" for product "Xen" and version "4.8.0" | - |
Affected
| ||||||
| Xen Search vendor "Xen" | Xen Search vendor "Xen" for product "Xen" | 4.8.1 Search vendor "Xen" for product "Xen" and version "4.8.1" | - |
Affected
| ||||||
| Xen Search vendor "Xen" | Xen Search vendor "Xen" for product "Xen" | 4.9.0 Search vendor "Xen" for product "Xen" and version "4.9.0" | - |
Affected
| ||||||