CVE-2017-15595 - OpenCVE

An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (unbounded recursion, stack consumption, and hypervisor crash) or possibly gain privileges via crafted page-table stacking.

No CVSS v3.1

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:L/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Xen	Xen

Configuration 1 [-]

cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*

References

Link	Resource
https://lists.debian.org/debian-lts-announce/2017/11/msg00027.html
https://lists.debian.org/debian-lts-announce/2018/10/msg00021.html
https://security.gentoo.org/glsa/201801-14
https://support.citrix.com/article/CTX228867
https://www.debian.org/security/2017/dsa-4050
https://www.exploit-db.com/exploits/43014/
https://xenbits.xen.org/xsa/advisory-240.html	Mitigation Patch Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2017-10-18T08:00:00

Updated: 2018-10-30T09:57:01

Reserved: 2017-10-18T00:00:00

Link: CVE-2017-15595

JSON object: View

NVD Information

Status : Modified

Published: 2017-10-18T08:29:00.577

Modified: 2018-10-30T10:29:04.970

Link: CVE-2017-15595

JSON object: View

Redhat Information

No data.

CWE

CWE-400

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2017-10-18T00:00:00", "descriptions": [{"lang": "en", "value": "An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (unbounded recursion, stack consumption, and hypervisor crash) or possibly gain privileges via crafted page-table stacking."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-30T09:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "[debian-lts-announce] 20181030 [SECURITY] [DLA 1559-1] xen security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00021.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://xenbits.xen.org/xsa/advisory-240.html"}, {"name": "[debian-lts-announce] 20171120 [SECURITY] [DLA 1181-1] xen security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00027.html"}, {"name": "DSA-4050", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "https://www.debian.org/security/2017/dsa-4050"}, {"name": "43014", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/43014/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://support.citrix.com/article/CTX228867"}, {"name": "GLSA-201801-14", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201801-14"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-15595", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (unbounded recursion, stack consumption, and hypervisor crash) or possibly gain privileges via crafted page-table stacking."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "[debian-lts-announce] 20181030 [SECURITY] [DLA 1559-1] xen security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00021.html"}, {"name": "https://xenbits.xen.org/xsa/advisory-240.html", "refsource": "CONFIRM", "url": "https://xenbits.xen.org/xsa/advisory-240.html"}, {"name": "[debian-lts-announce] 20171120 [SECURITY] [DLA 1181-1] xen security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00027.html"}, {"name": "DSA-4050", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2017/dsa-4050"}, {"name": "43014", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/43014/"}, {"name": "https://support.citrix.com/article/CTX228867", "refsource": "CONFIRM", "url": "https://support.citrix.com/article/CTX228867"}, {"name": "GLSA-201801-14", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201801-14"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-15595", "datePublished": "2017-10-18T08:00:00", "dateReserved": "2017-10-18T00:00:00", "dateUpdated": "2018-10-30T09:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*", "matchCriteriaId": "7F6BF42B-66A0-4659-9FDC-BE30CE3801CF", "versionEndIncluding": "4.9.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (unbounded recursion, stack consumption, and hypervisor crash) or possibly gain privileges via crafted page-table stacking."}, {"lang": "es", "value": "Se ha descubierto un problema en Xen hasta las versiones 4.9.x que permite que usuarios invitados del sistema operativo x86 PV provoquen una denegaci\u00f3n de servicio (recursi\u00f3n infinita consumo de pila y cierre inesperado del hipervisor) o que puedan obtener privilegios mediante el apilamiento manipulado de tablas de paginaci\u00f3n."}], "id": "CVE-2017-15595", "lastModified": "2018-10-30T10:29:04.970", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.0, "impactScore": 6.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-10-18T08:29:00.577", "references": [{"source": "cve@mitre.org", "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00027.html"}, {"source": "cve@mitre.org", "url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00021.html"}, {"source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201801-14"}, {"source": "cve@mitre.org", "url": "https://support.citrix.com/article/CTX228867"}, {"source": "cve@mitre.org", "url": "https://www.debian.org/security/2017/dsa-4050"}, {"source": "cve@mitre.org", "url": "https://www.exploit-db.com/exploits/43014/"}, {"source": "cve@mitre.org", "tags": ["Mitigation", "Patch", "Vendor Advisory"], "url": "https://xenbits.xen.org/xsa/advisory-240.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-400"}], "source": "nvd@nist.gov", "type": "Primary"}]}