Debian update for xen
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 3 |
| CVE-ID | CVE-2018-7540 CVE-2018-7541 CVE-2018-7542 |
| CWE-ID | CWE-400 CWE-119 CWE-476 |
| Exploitation vector | Local network |
| Public exploit | N/A |
| Vulnerable software |
Debian Linux Operating systems & Components / Operating system |
| Vendor | Debian |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
1) Resource exhaustion
EUVDB-ID: #VU10780
Risk: Medium
CVSSv4.0: 4.9 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2018-7540
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows an adjacent authenticated attacker to cause a DoS condition on the target system.
The weakness exists due to non-preemptable L3/L4 pagetable freeing. An adjacent attacker can exhaust all available CPU resources and cause the service to crash.
Update the affected package to version: 4.8.3+comet2+shim4.10.0+comet3-1+deb9u5
Vulnerable software versionsDebian Linux: All versions
CPE2.3 External linkshttps://xenbits.xen.org/xsa/advisory-252.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Memory corruption
EUVDB-ID: #VU10779
Risk: Low
CVSSv4.0: 6.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-7541
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows an adjacent attacker to cause DoS condition and gain elevated privileges on the target system.
The weakness exists due to an error when transitioning from v2 to v1. An adjacent attacker can trigger memory corruption, cause the service to crash and gain root privileges.
Update the affected package to version: 4.8.3+comet2+shim4.10.0+comet3-1+deb9u5
Vulnerable software versionsDebian Linux: All versions
CPE2.3 External linkshttps://xenbits.xen.org/xsa/advisory-255.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) NULL pointer dereference
EUVDB-ID: #VU12546
Risk: Low
CVSSv4.0: 1.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-7542
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows an adjacent attacker to cause DoS condition on the target system.
The weakness exists due to NULL pointer dereference. An adjacent attacker can cause the service to crash by leveraging the mishandling of configurations that lack a Local APIC.
Update the affected package to version: 4.8.3+comet2+shim4.10.0+comet3-1+deb9u5
Vulnerable software versionsDebian Linux: All versions
CPE2.3 External linkshttps://xenbits.xen.org/xsa/advisory-256.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
