CVE-2019-17347 - OpenCVE

An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges because a guest can manipulate its virtualised %cr4 in a way that is incompatible with Linux (and possibly other guest kernels).

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Debian	Debian Linux
Xen	Xen

Configuration 1 [-]

cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR	cpe:2.3:o:debian:debian_linux:9.0:::::::*
	cpe:2.3:o:debian:debian_linux:10.0:::::::*

References

Link	Resource
http://www.openwall.com/lists/oss-security/2019/10/25/8	Mailing List
http://xenbits.xen.org/xsa/advisory-293.html	Patch Vendor Advisory
https://seclists.org/bugtraq/2020/Jan/21	Mailing List Third Party Advisory
https://www.debian.org/security/2020/dsa-4602	Third Party Advisory
https://xenbits.xen.org/xsa/advisory-293.html	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2019-10-08T00:02:04

Updated: 2020-01-14T22:06:24

Reserved: 2019-10-07T00:00:00

Link: CVE-2019-17347

JSON object: View

NVD Information

Status : Analyzed

Published: 2019-10-08T01:15:10.890

Modified: 2023-02-03T20:26:40.097

Link: CVE-2019-17347

JSON object: View

Redhat Information

No data.

CWE

CWE-20

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges because a guest can manipulate its virtualised %cr4 in a way that is incompatible with Linux (and possibly other guest kernels)."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-01-14T22:06:24", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://xenbits.xen.org/xsa/advisory-293.html"}, {"tags": ["x_refsource_MISC"], "url": "https://xenbits.xen.org/xsa/advisory-293.html"}, {"name": "[oss-security] 20191025 Xen Security Advisory 293 v4 (CVE-2019-17347) - x86: PV kernel context switch corruption", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2019/10/25/8"}, {"name": "DSA-4602", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "https://www.debian.org/security/2020/dsa-4602"}, {"name": "20200114 [SECURITY] [DSA 4602-1] xen security update", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "https://seclists.org/bugtraq/2020/Jan/21"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-17347", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges because a guest can manipulate its virtualised %cr4 in a way that is incompatible with Linux (and possibly other guest kernels)."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://xenbits.xen.org/xsa/advisory-293.html", "refsource": "CONFIRM", "url": "http://xenbits.xen.org/xsa/advisory-293.html"}, {"name": "https://xenbits.xen.org/xsa/advisory-293.html", "refsource": "MISC", "url": "https://xenbits.xen.org/xsa/advisory-293.html"}, {"name": "[oss-security] 20191025 Xen Security Advisory 293 v4 (CVE-2019-17347) - x86: PV kernel context switch corruption", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2019/10/25/8"}, {"name": "DSA-4602", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2020/dsa-4602"}, {"name": "20200114 [SECURITY] [DSA 4602-1] xen security update", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2020/Jan/21"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-17347", "datePublished": "2019-10-08T00:02:04", "dateReserved": "2019-10-07T00:00:00", "dateUpdated": "2020-01-14T22:06:24", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*", "matchCriteriaId": "35C99D1B-54FC-4373-8330-B956A4E62432", "versionEndIncluding": "4.11.2", "versionStartIncluding": "4.1.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges because a guest can manipulate its virtualised %cr4 in a way that is incompatible with Linux (and possibly other guest kernels)."}, {"lang": "es", "value": "Se detect\u00f3 un problema en Xen versiones hasta 4.11.x, permitiendo a usuarios del sistema operativo invitado PV de x86, causar una denegaci\u00f3n de servicio u alcanzar privilegios porque un invitado puede manipular su %cr4 virtualizado en una manera que es incompatible con Linux (y posiblemente otros kernels invitados)."}], "id": "CVE-2019-17347", "lastModified": "2023-02-03T20:26:40.097", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-10-08T01:15:10.890", "references": [{"source": "cve@mitre.org", "tags": ["Mailing List"], "url": "http://www.openwall.com/lists/oss-security/2019/10/25/8"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://xenbits.xen.org/xsa/advisory-293.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://seclists.org/bugtraq/2020/Jan/21"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2020/dsa-4602"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://xenbits.xen.org/xsa/advisory-293.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}