Published: 12/09/2017 Updated: 03/10/2019

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

CVSS v3 Base Score: 8.8 | Impact Score: 6 | Exploitability Score: 2

VMScore: 641

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

A grant unmapping issue exists in Xen up to and including 4.9.x. When removing or replacing a grant mapping, the x86 PV specific path needs to make sure page table entries remain in sync with other accounting done. Although the identity of the page frame was validated correctly, neither the presence of the mapping nor page writability were taken into account.

Vulnerable Product	Search on Vulmon	Subscribe to Product
xen xen

A grant unmapping issue was discovered in Xen through 49x When removing or replacing a grant mapping, the x86 PV specific path needs to make sure page table entries remain in sync with other accounting done Although the identity of the page frame was validated correctly, neither the presence of the mapping nor page writability were taken into a ...

Description of Problem A number of security vulnerabilities have been identified in Citrix XenServer that may allow a malicious administrator of a guest VM to compromise the host These vulnerabilities affect all currently supported versions of Citrix XenServer up to and including Citrix XenServer 72 The following vulnerabilities have been addres ...

NVD-CWE-noinfo http://xenbits.xen.org/xsa/advisory-234.html http://www.securitytracker.com/id/1039351 http://www.securityfocus.com/bid/100819 https://support.citrix.com/article/CTX227185 https://www.debian.org/security/2017/dsa-4050 https://lists.debian.org/debian-lts-announce/2018/10/msg00009.html https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2017-14319

CVE-2017-14319

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect