#VU7505 Memory corruption in Xen - CVE-2017-10920
Vulnerability identifier: #VU7505
Vulnerability risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID:
CWE-ID:
CWE-119
Exploitation vector: Local
Exploit availability: No
Vulnerable software:
Xen
Server applications /
Virtualization software
Vendor: Xen Project
Description
The vulnerability allows a local attacker to cause DoS conditions.
The weakness exists due to improper handling of a GNTMAP_device_map and GNTMAP_host_map mapping by the grant-table feature, when followed by only a GNTMAP_host_map unmapping. A local attacker can trigger count mismanagement and memory corruption and cause the application to crash.
Successful exploitation of the vulnerability results in denial of service.
Mitigation
Install update from vendor's website.
Vulnerable software versions
Xen: 4.5.0 - 4.8.1
External links
https://xenbits.xen.org/xsa/advisory-224.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
