SB2018030401 - Debian update for xen
Published: March 4, 2018
Security Bulletin ID
SB2018030401
CSH Severity
Medium
Patch available
YES
Number of vulnerabilities
3
Exploitation vector
Adjecent network
Highest impact
Code execution
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 3 vulnerabilities.
1) Resource exhaustion (CVE-ID: CVE-2018-7540)
CWE-ID: CWE-400 - Resource exhaustion
CVSSv4: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows an adjacent authenticated attacker to cause a DoS condition on the target system.
The weakness exists due to non-preemptable L3/L4 pagetable freeing. An adjacent attacker can exhaust all available CPU resources and cause the service to crash.
2) Memory corruption (CVE-ID: CVE-2018-7541)
CWE-ID: CWE-119 - Memory corruption
CVSSv4: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows an adjacent attacker to cause DoS condition and gain elevated privileges on the target system.
The weakness exists due to an error when transitioning from v2 to v1. An adjacent attacker can trigger memory corruption, cause the service to crash and gain root privileges.
3) NULL pointer dereference (CVE-ID: CVE-2018-7542)
CWE-ID: CWE-476 - NULL Pointer Dereference
CVSSv4: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows an adjacent attacker to cause DoS condition on the target system.
The weakness exists due to NULL pointer dereference. An adjacent attacker can cause the service to crash by leveraging the mishandling of configurations that lack a Local APIC.
Remediation
Install update from vendor's website.