CVE-2017-12855Sensitive Information Exposure in XEN

CWE-200Sensitive Information Exposure7 documents6 sources
Severity
6.5MEDIUMNVD
EPSS
0.1%
top 84.73%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
XENDebian XEN
Timeline
PublishedAug 15
Latest updateMay 17

Description

Xen maintains the _GTF_{read,writ}ing bits as appropriate, to inform the guest that a grant is in use. A guest is expected not to modify the grant details while it is in use, whereas the guest is free to modify/reuse the grant entry when it is not in use. Under some circumstances, Xen will clear the status bits too early, incorrectly informing the guest that the grant is no longer in use. A guest may prematurely believe that a granted frame is safely private again, and reuse it in a way which co

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:NExploitability: 2.0 | Impact: 4.0

Affected Packages3 packages

debiandebian/xen< xen 4.8.1-1+deb9u3 (bookworm)
Debianxen/xen< 4.8.1-1+deb9u3+3
NVDxen/xen18 versions+17

🔴Vulnerability Details

2
GHSA
GHSA-c6pm-8crm-3rr8: Xen maintains the _GTF_{read,writ}ing bits as appropriate, to inform the guest that a grant is in use2022-05-17
OSV
CVE-2017-12855: Xen maintains the _GTF_{read,writ}ing bits as appropriate, to inform the guest that a grant is in use2017-08-15

📋Vendor Advisories

2
Red Hat
xen: grant_table: possibly premature clearing of GTF_writing / GTF_reading (XSA-230)2017-08-15
Debian
CVE-2017-12855: xen - Xen maintains the _GTF_{read,writ}ing bits as appropriate, to inform the guest t...2017

💬Community

2
Bugzilla
CVE-2017-12855 xsa230 CVE-2017-12855 xen: grant_table: possibly premature clearing of GTF_writing / GTF_reading (XSA-230)2017-08-15
Bugzilla
CVE-2017-12134 CVE-2017-12135 CVE-2017-12136 CVE-2017-12137 CVE-2017-12855 xen: various flaws [fedora-all]2017-08-15