Alpine: xen: security update to 4.7.3-r3

critical Tenable Cloud Security Plugin ID 407883

Description

There are packages installed that are affected by multiple vulnerabilities referenced in the following CVEs:

- An issue was discovered in Xen through 4.9.x. Grant copying code implicitly assumed that any grant pin
would be accompanied by a suitable page reference. Other portions of code, however, did not match up with
that assumption. When such a grant copy operation is being done on a grant of a dying domain, the
assumption turns out wrong. A malicious guest administrator can cause hypervisor memory corruption, most
likely resulting in host crash and a Denial of Service. Privilege escalation and information leaks cannot
be ruled out. (CVE-2017-15597)

- An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to execute arbitrary code on
the host OS because of a race condition that can cause a stale TLB entry. (CVE-2017-15588)

- An issue was discovered in Xen through 4.9.x allowing x86 HVM guest OS users to obtain sensitive
information from the host OS (or an arbitrary guest OS) because intercepted I/O operations can cause a
write of data from uninitialized hypervisor stack memory. (CVE-2017-15589)

- An issue was discovered in Xen through 4.9.x allowing x86 guest OS users to cause a denial of service
(hypervisor crash) or possibly gain privileges because MSI mapping was mishandled. (CVE-2017-15590)

- An issue was discovered in Xen 4.5.x through 4.9.x allowing attackers (who control a stub domain kernel or
tool stack) to cause a denial of service (host OS crash) because of a missing comparison (of range start
to range end) within the DMOP map/unmap implementation. (CVE-2017-15591)

See Also

https://security.alpinelinux.org/vuln/CVE-2017-15588

https://security.alpinelinux.org/vuln/CVE-2017-15589

https://security.alpinelinux.org/vuln/CVE-2017-15590

https://security.alpinelinux.org/vuln/CVE-2017-15591

https://security.alpinelinux.org/vuln/CVE-2017-15592

https://security.alpinelinux.org/vuln/CVE-2017-15593

https://security.alpinelinux.org/vuln/CVE-2017-15594

https://security.alpinelinux.org/vuln/CVE-2017-15595

https://security.alpinelinux.org/vuln/CVE-2017-15596

https://security.alpinelinux.org/vuln/CVE-2017-15597

https://security.alpinelinux.org/vuln/CVE-2017-17046

Plugin Details

Severity: Critical

ID: 407883

Version: Revision 1.24

Type: Local

Published: 10/31/2023

Updated: 3/13/2025

Supported Sensors: Agentless Assessment

Risk Information

VPR

Risk Factor: High

Score: 7.3

CVSS v2

Risk Factor: High

Base Score: 9

Temporal Score: 7

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2017-15597

CVSS v3

Risk Factor: Critical

Base Score: 9.1

Temporal Score: 8.2

Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 9/28/2017

Reference Information

CVE: CVE-2017-15588, CVE-2017-15589, CVE-2017-15590, CVE-2017-15591, CVE-2017-15592, CVE-2017-15593, CVE-2017-15594, CVE-2017-15595, CVE-2017-15596, CVE-2017-15597, CVE-2017-17046

BID: 101490, 101496, 101500, 101512, 101513, 101564, 101067

IAVA: 2017-A-0300-S, 2017-A-0320-S, 2017-A-0351-S

IAVB: 2017-B-0142-S, 2017-B-0148-S