CVE-2017-8904 — XEN vulnerability

7 documents6 sources

Severity

8.8HIGHNVD

EPSS

0.1%

top 75.10%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

XEN Debian XEN

Timeline

PublishedMay 11

Latest updateMay 13

Description

Xen through 4.8.x mishandles the "contains segment descriptors" property during GNTTABOP_transfer (aka guest transfer) operations, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-214.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:HExploitability: 2.0 | Impact: 6.0

Affected Packages3 packages

▶debiandebian/xen< xen 4.8.1-1+deb9u1 (bookworm)

▶Debianxen/xen< 4.8.1-1+deb9u1+3

▶NVDxen/xen4.8.0, 4.8.1+1

Patches

Patch: xenbits.xen.org ↗Patch: xenbits.xen.org ↗

🔴Vulnerability Details

GHSA

GHSA-cpcf-5qpg-m8gh: Xen through 4↗2022-05-13

▶

OSV

CVE-2017-8904: Xen through 4↗2017-05-11

▶

📋Vendor Advisories

Red Hat

xen: grant transfer allows PV guest to elevate privileges (XSA-214)↗2017-05-02

▶

Debian

CVE-2017-8904: xen - Xen through 4.8.x mishandles the "contains segment descriptors" property during ...↗2017

▶

💬Community

Bugzilla

CVE-2017-8903 CVE-2017-8904 CVE-2017-8905 xen: various flaws [fedora-all]↗2017-05-02

▶

Bugzilla

CVE-2017-8904 xsa214 xen: grant transfer allows PV guest to elevate privileges (XSA-214)↗2017-04-18

▶