CVE-2018-10472LOW
Description
An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users (in certain configurations) to read arbitrary dom0 files via QMP live insertion of a CDROM, in conjunction with specifying the target file as the backing file of a snapshot.
References
http://www.securityfocus.com/bid/104002
https://lists.debian.org/debian-lts-announce/2018/10/msg00021.html
https://security.gentoo.org/glsa/201810-06
Details
Source: MITRE
Published: 2018-04-27
Updated: 2018-10-31
Type: CWE-200
Risk Information
CVSS v2.0
Base Score: 1.9
Vector: AV:L/AC:M/Au:N/C:P/I:N/A:N
Impact Score: 2.9
Exploitability Score: 3.4
Severity: LOW
CVSS v3.0
Base Score: 5.6
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
Impact Score: 4
Exploitability Score: 1.1
Severity: MEDIUM
Vulnerable Software
Configuration 1
OR
cpe:2.3:o:xen:xen:*:*:*:*:*:*:x86:* versions up to 4.10.1 (inclusive)
Configuration 2
OR
Tenable Plugins
| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 120843 | Fedora 28 : xen (2018-dbebca30d0) | Nessus | Fedora Local Security Checks | low |
| 118506 | GLSA-201810-06 : Xen: Multiple vulnerabilities (Foreshadow) (Meltdown) (Spectre) | Nessus | Gentoo Local Security Checks | high |
| 118503 | Debian DLA-1559-1 : xen security update | Nessus | Debian Local Security Checks | high |
| 118304 | SUSE SLES12 Security Update : xen (SUSE-SU-2018:3230-1) (Meltdown) | Nessus | SuSE Local Security Checks | high |
| 109816 | Debian DSA-4201-1 : xen - security update | Nessus | Debian Local Security Checks | high |
| 109756 | SUSE SLES12 Security Update : xen (SUSE-SU-2018:1216-1) (Meltdown) | Nessus | SuSE Local Security Checks | high |
| 109751 | openSUSE Security Update : xen (openSUSE-2018-454) (Meltdown) | Nessus | SuSE Local Security Checks | high |
| 109746 | Fedora 26 : xen (2018-eb69078020) | Nessus | Fedora Local Security Checks | medium |
| 109722 | SUSE SLES11 Security Update : xen (SUSE-SU-2018:1203-1) (Meltdown) | Nessus | SuSE Local Security Checks | high |
| 109721 | SUSE SLES12 Security Update : xen (SUSE-SU-2018:1202-1) (Meltdown) | Nessus | SuSE Local Security Checks | high |
| 109677 | SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2018:1184-1) (Meltdown) | Nessus | SuSE Local Security Checks | high |
| 109676 | SUSE SLES11 Security Update : xen (SUSE-SU-2018:1181-1) (Meltdown) | Nessus | SuSE Local Security Checks | high |
| 109672 | SUSE SLES12 Security Update : xen (SUSE-SU-2018:1177-1) (Meltdown) | Nessus | SuSE Local Security Checks | high |
| 109573 | Xen CDROM Image Handling Local File Disclosure Vulnerability (XSA-258) | Nessus | Misc. | low |
| 109519 | Fedora 27 : xen (2018-604574c943) | Nessus | Fedora Local Security Checks | medium |