#VU8424 Out-of-bounds write in Xen


Published: 2017-09-14

Vulnerability identifier: #VU8424

Vulnerability risk: Low

CVSSv3.1: 8.3 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-14316

CWE-ID: CWE-787

Exploitation vector: Local network

Exploit availability: No

Vulnerable software:
Xen
Server applications / Virtualization software

Vendor: Xen Project

Description
The vulnerability allows an adjacent attacker to execute arbitrary code on the host system.

The weakness exists due to out-of-bounds array access in the processing of NUMA node parameters. An adjacent attacker can invoke specially crafted hypercalls and execute arbitrary code with elevated privileges.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Xen: 4.5.0 - 4.9.0

External links
http://xenbits.xen.org/xsa/advisory-231.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Debian update for xen
Out-of-bounds write in xen (Alpine package)
SUSE Linux update for xen
SUSE Linux update for xen
OpenSUSE Linux update for xen
OpenSUSE Linux update for xen
Multiple vulnerabilities in Xen
SUSE Linux update for xen