CVE-2017-10916

EUVD-2017-2554
The vCPU context-switch implementation in Xen through 4.8.x improperly interacts with the Memory Protection Extensions (MPX) and Protection Key (PKU) features, which makes it easier for guest OS users to defeat ASLR and other protection mechanisms, aka XSA-220.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 59%
Affected Products (NVD)
VendorProductVersion
xenxen
4.5.0
xenxen
4.5.1
xenxen
4.5.2
xenxen
4.5.3
xenxen
4.5.5
xenxen
4.6.0
xenxen
4.6.1
xenxen
4.6.2
xenxen
4.6.4
xenxen
4.6.5
xenxen
4.7.1
xenxen
4.8.0
xenxen
4.8.1
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
xen
bookworm
4.17.3+10-g091466ba55-1~deb12u1
fixed
bullseye
4.14.6-1
fixed
bullseye (security)
4.14.5+94-ge49571868d-1
fixed
jessie
not-affected
sid
4.17.3+36-g54dacb5c02-1
fixed
trixie
4.17.3+36-g54dacb5c02-1
fixed
wheezy
not-affected
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
xen
trusty
dne
xenial
Fixed 4.6.5-0ubuntu1.2
released
yakkety
Fixed 4.7.2-0ubuntu1.3
released
zesty
Fixed 4.8.0-1ubuntu2.2
released
Common Weakness Enumeration
References
http://www.debian.org/security/2017/dsa-3969
http://www.securityfocus.com/bid/99167
http://www.securitytracker.com/id/1038730
https://security.gentoo.org/glsa/201708-03
https://xenbits.xen.org/xsa/advisory-220.html
http://www.debian.org/security/2017/dsa-3969
http://www.securityfocus.com/bid/99167
http://www.securitytracker.com/id/1038730
https://security.gentoo.org/glsa/201708-03
https://xenbits.xen.org/xsa/advisory-220.html