CVE-2017-17566
HIGH
7,8
Source: [email protected]
Attack Vector: local
Attack Complexity: high
Privileges Required: low
User Interaction: none
Scope: changed
Confidentiality: high
Integrity: high
Availability: high
MEDIUM
6,9
Source: [email protected]
Access Vector: local
Access Complexity: medium
Authentication: none
Confidentiality: complete
Integrity: complete
Availability: complete
Description
AI Translation Available
An issue was discovered in Xen through 4.9.x allowing PV guest OS users to cause a denial of service (host OS crash) or gain host OS privileges in shadow mode by mapping a certain auxiliary page.
EPSS (Exploit Prediction Scoring System)
Trend Analysis
EPSS (Exploit Prediction Scoring System)
Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.
EPSS Score
0,0011
Percentile
0,3th
Updated
EPSS Score Trend (Last 90 Days)
Operating System
Xen by Xen
Version Range Affected
To
4.9.1
(inclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://lists.debian.org/debian-lts-announce/2018/01/msg00003.html
https://lists.debian.org/debian-lts-announce/2018/10/msg00009.html
https://security.gentoo.org/glsa/201801-14
https://support.citrix.com/article/CTX232096
https://www.debian.org/security/2018/dsa-4112
https://xenbits.xen.org/xsa/advisory-248.html
http://www.openwall.com/lists/oss-security/2017/12/12/4
http://www.securityfocus.com/bid/102167
http://www.securitytracker.com/id/1040768
https://lists.debian.org/debian-lts-announce/2018/01/msg00003.html
https://lists.debian.org/debian-lts-announce/2018/10/msg00009.html
https://security.gentoo.org/glsa/201801-14
https://support.citrix.com/article/CTX232096
https://www.debian.org/security/2018/dsa-4112
https://xenbits.xen.org/xsa/advisory-248.html
http://www.openwall.com/lists/oss-security/2017/12/12/4
http://www.securityfocus.com/bid/102167
http://www.securitytracker.com/id/1040768