Published: 18/10/2017 Updated: 16/01/2018

CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 6.5 | Impact Score: 4 | Exploitability Score: 2

VMScore: 436

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C

An issue exists in Xen 4.5.x up to and including 4.9.x allowing attackers (who control a stub domain kernel or tool stack) to cause a denial of service (host OS crash) because of a missing comparison (of range start to range end) within the DMOP map/unmap implementation.

Vulnerable Product	Search on Vulmon	Subscribe to Product
xen xen 4.6.1
xen xen 4.6.3
xen xen 4.7.3
xen xen 4.8.0
xen xen 4.5.2
xen xen 4.5.3
xen xen 4.6.6
xen xen 4.7.0
xen xen 4.5.0
xen xen 4.5.1
xen xen 4.6.4
xen xen 4.6.5
xen xen 4.8.1
xen xen 4.9.0
xen xen 4.5.5
xen xen 4.6.0
xen xen 4.7.1
xen xen 4.7.2

An issue was discovered in Xen 45x through 49x allowing attackers (who control a stub domain kernel or tool stack) to cause a denial of service (host OS crash) because of a missing comparison (of range start to range end) within the DMOP map/unmap implementation ...

CWE-20 https://xenbits.xen.org/xsa/advisory-238.html https://security.gentoo.org/glsa/201801-14 https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2017-15591

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2017-15591

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect