SB2018051742 - Infinite loop in xen (Alpine package)
Published: May 17, 2018
Security Bulletin ID
SB2018051742
CSH Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Adjecent network
Highest impact
Partial DoS
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 vulnerability.
1) Infinite loop (CVE-ID: CVE-2018-10981)
CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
CVSSv4: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows an adjacent attacker to cause DoS condition on the target system.
The weakness exists due to a failure to reject invalid transitions between states. An adjacent attacker can submit a specially crafted request designed to force the QEMU device model on the system to switch the request between two states, trigger infinite loop and cause the service to crash.
Remediation
Install update from vendor's website.
References
- https://git.alpinelinux.org/aports/commit/?id=cf5828feef63ab62588f29482b15001535c73719
- https://git.alpinelinux.org/aports/commit/?id=66ff4f8a6b71dd204bc568c21c45941d612402c2
- https://git.alpinelinux.org/aports/commit/?id=96018bf2841ac59b632f6d84ad6247b5b825dc3a
- https://git.alpinelinux.org/aports/commit/?id=5f72054ca4ac3f0f8f05c17a83a9c203f580bddc
- https://git.alpinelinux.org/aports/commit/?id=d2a71459869989207ef392e3d8338330ee055a7f
- https://git.alpinelinux.org/aports/commit/?id=9a8ee8c0046132a4ccaab5cffc615967367db70d
- https://git.alpinelinux.org/aports/commit/?id=9bdda5f2061773ab7f74bacd75ba922ce5fef8ac