Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2017-15595 — Uncontrolled Resource Consumption in XEN

CWE-400 — Uncontrolled Resource Consumption CWE-770 — Allocation of Resources Without Limits or Throttling CWE-436 — Interpretation Conflict19 documents7 sources

Severity

8.8HIGHNVD

EPSS

0.5%

top 35.81%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

XEN Debian XEN Debian Linux +1 more

Timeline

PublishedOct 18

Latest updateMay 24

Description

An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (unbounded recursion, stack consumption, and hypervisor crash) or possibly gain privileges via crafted page-table stacking.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:HExploitability: 2.0 | Impact: 6.0

Affected Packages3 packages

▶debiandebian/xen< xen 4.11.3+24-g14b62ab3e5-1 (bookworm)+2

▶Debianxen/xen< 4.11.3+24-g14b62ab3e5-1+11

▶NVDxen/xen4.11.0 — 4.11.1+2

Also affects: Debian Linux 9.0, Fedora 31

Patches

Patch: xenbits.xen.org ↗Patch: xenbits.xen.org ↗

🔴Vulnerability Details

GHSA

GHSA-xm4c-wwh2-mcv8: An issue was discovered in Xen through 4↗2022-05-24

▶

GHSA

GHSA-m9p9-mh4f-qxmq: An issue was discovered in Xen through 4↗2022-05-14

▶

GHSA

GHSA-3635-87f7-gfgj: An issue was discovered in Xen through 4↗2022-05-13

▶

OSV

CVE-2019-19578: An issue was discovered in Xen through 4↗2019-12-11

▶

OSV

CVE-2018-19966: An issue was discovered in Xen through 4↗2018-12-08

▶

💥Exploits & PoCs

Exploit-DB

Xen - Pagetable De-typing Unbounded Recursion↗2017-10-18

▶

📋Vendor Advisories

Red Hat

xen: privilege escalation due to malicious PV guest (XSA-309)↗2019-12-11

▶

Debian

CVE-2019-19578: xen - An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to ...↗2019

▶

Red Hat

xen: Conflicts with shadow paging due to XSA-240 incomplete fix (XSA-280)↗2018-11-20

▶

Debian

CVE-2018-19966: xen - An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to ...↗2018

▶

Red Hat

xen: Unlimited recursion in linear pagetable de-typing (XSA-240)↗2017-10-12

▶

💬Community

Bugzilla

CVE-2019-19578 xen: privilege escalation due to malicious PV guest (XSA-309)↗2019-11-29

▶

Bugzilla

CVE-2017-15588 CVE-2017-15589 CVE-2017-15590 CVE-2017-15591 CVE-2017-15592 CVE-2017-15593 CVE-2017-15594 CVE-2017-15595 xen: various flaws [fedora-all]↗2017-10-12

▶

Bugzilla

CVE-2017-15595 xsa240 xen: Unlimited recursion in linear pagetable de-typing (XSA-240)↗2017-10-09

▶