Multiple vulnerabilities in Xen
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2018-10472 CVE-2018-10471 |
| CWE-ID | CWE-200 |
| Exploitation vector | Local network |
| Public exploit | N/A |
| Vulnerable software |
Xen Server applications / Virtualization software |
| Vendor | Xen Project |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Information disclosure
EUVDB-ID: #VU12287
Risk: Low
CVSSv4.0: 1.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-10472
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: No
DescriptionThe vulnerability allows an adjacent attacker to obtain potentially sensitive information.
The weakness exists due to improper information control. An adjacent attacker can supply a specially crafted CDROM image to read arbitrary files or device nodes on the dom0 filesystem with the privileges of the quem devicemodel process.
MitigationInstall update from vendor's website.
Vulnerable software versionsXen: 4.6.0 - 4.10.0
CPE2.3- cpe:2.3:a:xen_project:xen:4.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:xen_project:xen:4.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:xen_project:xen:4.6.3:*:*:*:*:*:*:*
https://xenbits.xen.org/xsa/advisory-258.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Error handling
EUVDB-ID: #VU12288
Risk: Low
CVSSv4.0: 4.9 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-10471
CWE-ID: N/A
Exploit availability: No
DescriptionThe vulnerability allows an adjacent attacker to cause DoS condition on the target system.
The weakness exists due to error handling flaw. An adjacent attacker can cause the service to crash.
MitigationInstall update from vendor's website.
Xen: 4.6.0 - 4.10.0
CPE2.3- cpe:2.3:a:xen_project:xen:4.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:xen_project:xen:4.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:xen_project:xen:4.6.3:*:*:*:*:*:*:*
https://xenbits.xen.org/xsa/advisory-259.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
