CVE-2017-14319 — XEN vulnerability

7 documents6 sources

Severity

8.8HIGHNVD

EPSS

0.0%

top 88.44%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

XEN Debian XEN

Timeline

PublishedSep 12

Latest updateMay 13

Description

A grant unmapping issue was discovered in Xen through 4.9.x. When removing or replacing a grant mapping, the x86 PV specific path needs to make sure page table entries remain in sync with other accounting done. Although the identity of the page frame was validated correctly, neither the presence of the mapping nor page writability were taken into account.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:HExploitability: 2.0 | Impact: 6.0

Affected Packages3 packages

▶debiandebian/xen< xen 4.8.2+xsa245-0+deb9u1 (bookworm)

▶Debianxen/xen< 4.8.2+xsa245-0+deb9u1+3

▶NVDxen/xen4.9.0

Patches

Patch: xenbits.xen.org ↗Patch: xenbits.xen.org ↗

🔴Vulnerability Details

GHSA

GHSA-j3wj-mf3m-r9xc: A grant unmapping issue was discovered in Xen through 4↗2022-05-13

▶

OSV

CVE-2017-14319: A grant unmapping issue was discovered in Xen through 4↗2017-09-12

▶

📋Vendor Advisories

Red Hat

xen: insufficient grant unmapping checks for x86 PV guests (XSA-234)↗2017-09-12

▶

Debian

CVE-2017-14319: xen - A grant unmapping issue was discovered in Xen through 4.9.x. When removing or re...↗2017

▶

💬Community

Bugzilla

CVE-2017-14316 CVE-2017-14317 CVE-2017-14318 CVE-2017-14319 xen: various flaws [fedora-all]↗2017-09-12

▶

Bugzilla

CVE-2017-14319 xsa234 xen: insufficient grant unmapping checks for x86 PV guests (XSA-234)↗2017-08-30

▶