SB2018022709 - Denial of service in Xen
Published: February 27, 2018
Security Bulletin ID
SB2018022709
Severity
Low
Patch available
YES
Number of vulnerabilities
3
Exploitation vector
Adjecent network
Highest impact
Code execution
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 3 secuirty vulnerabilities.
1) NULL pointer dereference (CVE-ID: CVE-2018-7542)
The vulnerability allows an adjacent attacker to cause DoS condition on the target system.
The vulnerability exists due to a NULL pointer dereference in multiple paths without the presence of a Local APIC. An adjacent attacker can crash the hypervisor and cause a denial of service.
2) Memory corruption (CVE-ID: CVE-2018-7541)
The vulnerability allows an adjacent attacker to cause DoS condition and gain elevated privileges on the target system.The weakness exists due to an error when transitioning from v2 to v1. An adjacent attacker can trigger memory corruption, cause the service to crash and gain root privileges.
3) Resource exhaustion (CVE-ID: CVE-2018-7540)
The vulnerability allows an adjacent authenticated attacker to cause a DoS condition on the target system.The weakness exists due to non-preemptable L3/L4 pagetable freeing. An adjacent attacker can exhaust all available CPU resources and cause the service to crash.
Remediation
Install update from vendor's website.