CVE-2017-7995 - OpenCVE

Xen PV guest before Xen 4.3 checked access permissions to MMIO ranges only after accessing them, allowing host PCI device space memory reads, leading to information disclosure. This is an error in the get_user function. NOTE: the upstream Xen Project considers versions before 4.5.x to be EOL.

No CVSS v3.1

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Local

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:L/AC:L/Au:S/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Novell	Suse Linux Enterprise Point Of Sale Suse Linux Enterprise Server
Suse	Manager Manager Proxy Openstack Cloud
Xen	Xen

Configuration 1 [-]

cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR	cpe:2.3:a:suse:manager:2.1:::::::*
	cpe:2.3:a:suse:manager_proxy:2.1:::::::*
	cpe:2.3:a:suse:openstack_cloud:5:::::::*
	cpe:2.3:o:novell:suse_linux_enterprise_point_of_sale:11.0:sp3::::::
	cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp3:::ltss:::*

References

Link	Resource
http://lists.opensuse.org/opensuse-security-announce/2017-05/msg00005.html	Third Party Advisory
http://www.securityfocus.com/bid/98314	Third Party Advisory VDB Entry
https://bugzilla.suse.com/show_bug.cgi?id=1033948	Issue Tracking Third Party Advisory VDB Entry

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2017-05-03T19:00:00

Updated: 2017-05-08T09:57:01

Reserved: 2017-04-21T00:00:00

Link: CVE-2017-7995

JSON object: View

NVD Information

Status : Analyzed

Published: 2017-05-03T19:59:00.143

Modified: 2017-05-15T17:45:10.270

Link: CVE-2017-7995

JSON object: View

Redhat Information

No data.

CWE

CWE-200

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2017-05-03T00:00:00", "descriptions": [{"lang": "en", "value": "Xen PV guest before Xen 4.3 checked access permissions to MMIO ranges only after accessing them, allowing host PCI device space memory reads, leading to information disclosure. This is an error in the get_user function. NOTE: the upstream Xen Project considers versions before 4.5.x to be EOL."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-05-08T09:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "98314", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/98314"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1033948"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://lists.opensuse.org/opensuse-security-announce/2017-05/msg00005.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-7995", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Xen PV guest before Xen 4.3 checked access permissions to MMIO ranges only after accessing them, allowing host PCI device space memory reads, leading to information disclosure. This is an error in the get_user function. NOTE: the upstream Xen Project considers versions before 4.5.x to be EOL."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "98314", "refsource": "BID", "url": "http://www.securityfocus.com/bid/98314"}, {"name": "https://bugzilla.suse.com/show_bug.cgi?id=1033948", "refsource": "CONFIRM", "url": "https://bugzilla.suse.com/show_bug.cgi?id=1033948"}, {"name": "http://lists.opensuse.org/opensuse-security-announce/2017-05/msg00005.html", "refsource": "CONFIRM", "url": "http://lists.opensuse.org/opensuse-security-announce/2017-05/msg00005.html"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-7995", "datePublished": "2017-05-03T19:00:00", "dateReserved": "2017-04-21T00:00:00", "dateUpdated": "2017-05-08T09:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*", "matchCriteriaId": "9213743B-275F-4056-81E8-E44E18A81FCA", "versionEndIncluding": "4.2.5", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:suse:manager:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "FD4EEF7C-CC33-4494-8531-7C0CC28A8823", "vulnerable": true}, {"criteria": "cpe:2.3:a:suse:manager_proxy:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "3CBED083-B935-4C47-BBDA-F39D8EA277ED", "vulnerable": true}, {"criteria": "cpe:2.3:a:suse:openstack_cloud:5:*:*:*:*:*:*:*", "matchCriteriaId": "BD6136E8-74DE-48AF-A8AB-B0E93D34870C", "vulnerable": true}, {"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_point_of_sale:11.0:sp3:*:*:*:*:*:*", "matchCriteriaId": "51E07D0D-67A6-4DDE-BE4E-959DE0A3314F", "vulnerable": true}, {"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp3:*:*:ltss:*:*:*", "matchCriteriaId": "3F8CE3BD-993B-407F-BAEC-A070F6B46E6E", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Xen PV guest before Xen 4.3 checked access permissions to MMIO ranges only after accessing them, allowing host PCI device space memory reads, leading to information disclosure. This is an error in the get_user function. NOTE: the upstream Xen Project considers versions before 4.5.x to be EOL."}, {"lang": "es", "value": "Xen PV guest anterior a Xen 4.3 chequea los permisos de acceso a los rangos MMIO s\u00f3lo despu\u00e9s de acceder a ellos, lo que permite leer en un dispositivo de memoria PCI, dando lugar a la divulgaci\u00f3n de informaci\u00f3n. Se trata de un error en la funci\u00f3n get_user. NOTA: el upstream Xen Project considera versiones anteriores a 4.5.x para ser EOL."}], "id": "CVE-2017-7995", "lastModified": "2017-05-15T17:45:10.270", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 1.7, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.1, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.8, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 2.0, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-05-03T19:59:00.143", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2017-05/msg00005.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/98314"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Third Party Advisory", "VDB Entry"], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1033948"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}