SUSE Linux update for xen
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 3 |
| CVE-ID | CVE-2017-14316 CVE-2017-14317 CVE-2017-14319 |
| CWE-ID | CWE-787 CWE-362 CWE-264 |
| Exploitation vector | Local network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
SUSE Linux Operating systems & Components / Operating system |
| Vendor | SUSE |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
1) Out-of-bounds write
EUVDB-ID: #VU8424
Risk: Low
CVSSv3.1: 8.3 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-14316
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows an adjacent attacker to execute arbitrary code on the host system.
The weakness exists due to out-of-bounds array access in the processing of NUMA node
parameters. An adjacent attacker can invoke specially crafted hypercalls and execute arbitrary code with elevated privileges.
Update the affected packages.
SUSE Linux: 11
External linkshttp://lists.opensuse.org/opensuse-security-announce/2017-10/msg00000.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Race condition
EUVDB-ID: #VU8426
Risk: Low
CVSSv3.1: 5.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-14317
Exploit availability: No
DescriptionThe vulnerability allows an adjacent attacker to cause DoS condition on the host system.
The weakness exists due to race condition in cxenstored. An adjacent attacker can shut down a virtual machine with a stubdomain, trigger a double-free memory error and cause the xenstored daemon to crash.
The vulnerability is exploitable on the systems running the C
version os xenstored ("xenstored") and running devicemodel stubdomains.
Update the affected packages.
SUSE Linux: 11
External linkshttp://lists.opensuse.org/opensuse-security-announce/2017-10/msg00000.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Privilege escalation
EUVDB-ID: #VU8427
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-14319
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows an adjacent attacker to gain elevated privileges or cause DoS condition on the host system.
The weakness exists due to a flaw in grant unmapping. A local attacker on
an x86 PV guest system can gain
elevated privileges on the host system or cause the hypervisor to crash.
Update the affected packages.
SUSE Linux: 11
External linkshttp://lists.opensuse.org/opensuse-security-announce/2017-10/msg00000.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
