CVE-2017-14316 — Out-of-bounds Read in XEN

CWE-125 — Out-of-bounds Read7 documents6 sources

Severity

8.8HIGHNVD

EPSS

0.0%

top 88.44%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

XEN Debian XEN

Timeline

PublishedSep 12

Latest updateMay 14

Description

A parameter verification issue was discovered in Xen through 4.9.x. The function `alloc_heap_pages` allows callers to specify the first NUMA node that should be used for allocations through the `memflags` parameter; the node is extracted using the `MEMF_get_node` macro. While the function checks to see if the special constant `NUMA_NO_NODE` is specified, it otherwise does not handle the case where `node >= MAX_NUMNODES`. This allows an out-of-bounds access to an internal array.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:HExploitability: 2.0 | Impact: 6.0

Affected Packages3 packages

▶debiandebian/xen< xen 4.8.2+xsa245-0+deb9u1 (bookworm)

▶Debianxen/xen< 4.8.2+xsa245-0+deb9u1+3

▶NVDxen/xen4.9.0

Patches

Patch: xenbits.xen.org ↗Patch: xenbits.xen.org ↗

🔴Vulnerability Details

GHSA

GHSA-9pmq-32g5-2h85: A parameter verification issue was discovered in Xen through 4↗2022-05-14

▶

OSV

CVE-2017-14316: A parameter verification issue was discovered in Xen through 4↗2017-09-12

▶

📋Vendor Advisories

Red Hat

xen: Missing NUMA node parameter verification (XSA-231)↗2017-09-12

▶

Debian

CVE-2017-14316: xen - A parameter verification issue was discovered in Xen through 4.9.x. The function...↗2017

▶

💬Community

Bugzilla

CVE-2017-14316 CVE-2017-14317 CVE-2017-14318 CVE-2017-14319 xen: various flaws [fedora-all]↗2017-09-12

▶

Bugzilla

CVE-2017-14316 xsa231 xen: Missing NUMA node parameter verification (XSA-231)↗2017-08-30

▶