An issue was discovered in Xen through 4.10.x allowing x86 PV guest OS users to cause a denial of service (out-of-bounds zero write and hypervisor crash) via unexpected INT 80 processing, because of an incorrect fix for CVE-2017-5754.
http://www.securityfocus.com/bid/104003
https://lists.debian.org/debian-lts-announce/2018/10/msg00009.html
https://security.gentoo.org/glsa/201810-06
Source: MITRE
Published: 2018-04-27
Updated: 2018-10-31
Type: CWE-787
Base Score: 4.9
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C
Impact Score: 6.9
Exploitability Score: 3.9
Severity: MEDIUM
Base Score: 6.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Impact Score: 4
Exploitability Score: 2
Severity: MEDIUM
OR
cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:* versions up to 4.10.1 (inclusive)
OR
ID | Name | Product | Family | Severity |
---|---|---|---|---|
120843 | Fedora 28 : xen (2018-dbebca30d0) | Nessus | Fedora Local Security Checks | low |
118506 | GLSA-201810-06 : Xen: Multiple vulnerabilities (Foreshadow) (Meltdown) (Spectre) | Nessus | Gentoo Local Security Checks | high |
118304 | SUSE SLES12 Security Update : xen (SUSE-SU-2018:3230-1) (Meltdown) | Nessus | SuSE Local Security Checks | high |
118215 | Debian DLA-1549-1 : xen security update | Nessus | Debian Local Security Checks | high |
109816 | Debian DSA-4201-1 : xen - security update | Nessus | Debian Local Security Checks | high |
109756 | SUSE SLES12 Security Update : xen (SUSE-SU-2018:1216-1) (Meltdown) | Nessus | SuSE Local Security Checks | high |
109751 | openSUSE Security Update : xen (openSUSE-2018-454) (Meltdown) | Nessus | SuSE Local Security Checks | high |
109746 | Fedora 26 : xen (2018-eb69078020) | Nessus | Fedora Local Security Checks | medium |
109722 | SUSE SLES11 Security Update : xen (SUSE-SU-2018:1203-1) (Meltdown) | Nessus | SuSE Local Security Checks | high |
109721 | SUSE SLES12 Security Update : xen (SUSE-SU-2018:1202-1) (Meltdown) | Nessus | SuSE Local Security Checks | high |
109677 | SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2018:1184-1) (Meltdown) | Nessus | SuSE Local Security Checks | high |
109676 | SUSE SLES11 Security Update : xen (SUSE-SU-2018:1181-1) (Meltdown) | Nessus | SuSE Local Security Checks | high |
109672 | SUSE SLES12 Security Update : xen (SUSE-SU-2018:1177-1) (Meltdown) | Nessus | SuSE Local Security Checks | high |
109574 | Xen arch/x86/x86_64/entry.S Exception Handling Guest-to-host DoS (XSA-259) | Nessus | Misc. | medium |
109519 | Fedora 27 : xen (2018-604574c943) | Nessus | Fedora Local Security Checks | medium |