CVE-2018-7540


Description

An issue was discovered in Xen through 4.10.x allowing x86 PV guest OS users to cause a denial of service (host OS CPU hang) via non-preemptable L3/L4 pagetable freeing.

References

http://www.securityfocus.com/bid/103174

http://www.securitytracker.com/id/1040773

https://lists.debian.org/debian-lts-announce/2018/03/msg00003.html

https://lists.debian.org/debian-lts-announce/2018/11/msg00013.html

https://security.gentoo.org/glsa/201810-06

https://support.citrix.com/article/CTX232096

https://support.citrix.com/article/CTX232655

https://www.debian.org/security/2018/dsa-4131

https://xenbits.xen.org/xsa/advisory-252.html

Details

Source: MITRE

Published: 2018-02-27

Updated: 2018-11-13

Type: CWE-400

Risk Information

CVSS v2

Base Score: 4.9

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C

Impact Score: 6.9

Exploitability Score: 3.9

Severity: MEDIUM

CVSS v3

Base Score: 6.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

Impact Score: 4.0

Exploitability Score: 2.0

Severity: MEDIUM

Vulnerable Software

Configuration 1 (OR):

cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:* versions up to 4.10.0 (inclusive)

Configuration 2 (OR):

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Tenable Plugins


ID | Name | Product | Family | Severity
140019 | OracleVM 3.4 : xen (OVMSA-2020-0039) (Bunker Buster) (Foreshadow) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout) (Meltdown) (POODLE) (Spectre) | Nessus | OracleVM Local Security Checks | critical
118963 | OracleVM 3.2 : xen (OVMSA-2018-0272) (Foreshadow) (Spectre) | Nessus | OracleVM Local Security Checks | high
118962 | OracleVM 3.3 : xen (OVMSA-2018-0271) (Foreshadow) (Spectre) | Nessus | OracleVM Local Security Checks | high
118892 | Debian DLA-1577-1 : xen security update | Nessus | Debian Local Security Checks | high
118506 | GLSA-201810-06 : Xen: Multiple vulnerabilities (Foreshadow) (Meltdown) (Spectre) | Nessus | Gentoo Local Security Checks | critical
111992 | OracleVM 3.4 : xen (OVMSA-2018-0248) (Bunker Buster) (Foreshadow) (Meltdown) (POODLE) (Spectre) | Nessus | OracleVM Local Security Checks | critical
109987 | OracleVM 3.4 : xen (OVMSA-2018-0218) (Meltdown) (Spectre) | Nessus | OracleVM Local Security Checks | high
109751 | openSUSE Security Update : xen (openSUSE-2018-454) (Meltdown) | Nessus | SuSE Local Security Checks | high
109677 | SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2018:1184-1) (Meltdown) | Nessus | SuSE Local Security Checks | high
109001 | SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2018:0909-1) (Meltdown) (Spectre) | Nessus | SuSE Local Security Checks | high
108887 | Citrix XenServer Multiple Vulnerabilities (CTX232655) | Nessus | Misc. | critical
108886 | Citrix XenServer Multiple Vulnerabilities (CTX232096) | Nessus | Misc. | high
108492 | Fedora 26 : xen (2018-0746dac335) | Nessus | Fedora Local Security Checks | high
108369 | SUSE SLES11 Security Update : xen (SUSE-SU-2018:0678-1) (Meltdown) (Spectre) | Nessus | SuSE Local Security Checks | high
107176 | Fedora 27 : xen (2018-c553a586c8) | Nessus | Fedora Local Security Checks | high
107134 | Debian DLA-1300-1 : xen security update | Nessus | Debian Local Security Checks | high
107130 | OracleVM 3.4 : xen (OVMSA-2018-0021) (Meltdown) (Spectre) | Nessus | OracleVM Local Security Checks | high
107129 | OracleVM 3.4 : xen (OVMSA-2018-0020) (Meltdown) (Spectre) | Nessus | OracleVM Local Security Checks | high
107123 | Debian DSA-4131-1 : xen - security update | Nessus | Debian Local Security Checks | high
107097 | Xen guest_remove_page() Function Pagetable Unpinning Handling Guest-to-host DoS (XSA-252) | Nessus | Misc. | medium