#VU8425 Null pointer dereference in Xen - CVE-2017-14318
Published: September 14, 2017
Vulnerability identifier: #VU8425
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2017-14318
CWE-ID: CWE-476
Exploitation vector: Adjecent network
Exploit availability:
No public exploit available
Vulnerable software:
Xen
Xen
Software vendor:
Xen Project
Xen Project
Description
The vulnerability allows an adjacent attacker to gain elevated privileges or cause DoS condition on the host system.
The weakness exists due to NULL pointer deference in certain GNTTABOP_cache_flush grant table operations. If exploited on x86-based PV guest systems without SMAP enabled, an adjacent attacker can gain elevated privileges. If exploited on ARM-based guest systems and x86-based PV guest systems that have SMAP enabled, an adjacent attacker can cause the host system to crash.
The weakness exists due to NULL pointer deference in certain GNTTABOP_cache_flush grant table operations. If exploited on x86-based PV guest systems without SMAP enabled, an adjacent attacker can gain elevated privileges. If exploited on ARM-based guest systems and x86-based PV guest systems that have SMAP enabled, an adjacent attacker can cause the host system to crash.
Remediation
Install update from vendor's website.