#VU8009 Denial of service in Xen - CVE-2017-15596

Cybersecurity Help s.r.o.

Published: 2017-08-25 | Updated: 2020-07-28

Vulnerability identifier: #VU8009

Vulnerability risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-15596

CWE-ID: CWE-789

Exploitation vector: Local network

Exploit availability: No

Vulnerable software:
Xen
Server applications / Virtualization software

Vendor: Xen Project

Description
The vulnerability allows a local attacker on guest system to cause DoS condition on the host system.

The weakness exists due to improper memory allocation. A local attacker can trigger a flaw in the add-to-physmap function, prevent use of a physical CPU and cause the application on the host system to crash.

Successful exploitation of the vulnerability results in denial of service.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Xen: 4.4.0 - 4.9.0

External links
https://xenbits.xen.org/xsa/advisory-235.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Denial of service in xen (Alpine package)

Denial of service in Xen