Denial of service in Xen - CVE-2017-10917
Published: June 21, 2017 / Updated: July 28, 2020
Vulnerability identifier: #VU7148
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:U/U:Clear
CVE-ID: CVE-2017-10917
CWE-ID: CWE-284
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Xen Project
Affected software:
Xen
Xen
Detailed vulnerability description
The vulnerability allows a local attacker on the guest system to cause DoS condition.
The weakness exists due to access control flaw in the hypervisor in event channel polling. A local attacker can cause the target host system to crash.
Successful exploitation of the vulnerability results in denial of service.
The weakness exists due to access control flaw in the hypervisor in event channel polling. A local attacker can cause the target host system to crash.
Successful exploitation of the vulnerability results in denial of service.
How to mitigate CVE-2017-10917
Install update from vendor's website.