Race condition in Xen - CVE-2017-10914
Published: July 13, 2017
Vulnerability identifier: #VU7501
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2017-10914
CWE-ID: CWE-362
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Xen Project
Affected software:
Xen
Xen
Detailed vulnerability description
The vulnerability allows a local attacker to cause DoS conditions.
The weakness exists due to a race condition in the grant-table feature. A local attacker can trigger double free error and memory consumption and cause the application to crash.
Successful exploitation of the vulnerability results in denial of service.
The weakness exists due to a race condition in the grant-table feature. A local attacker can trigger double free error and memory consumption and cause the application to crash.
Successful exploitation of the vulnerability results in denial of service.
How to mitigate CVE-2017-10914
Install update from vendor's website.