#VU8829 Race condition in Xen - CVE-2017-15588
Vulnerability identifier: #VU8829
Vulnerability risk: Low
CVSSv4.0: 4.9 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2017-15588
CWE-ID:
CWE-362
Exploitation vector: Local network
Exploit availability: No
Vulnerable software:
Xen
Server applications /
Virtualization software
Vendor: Xen Project
Description
The vulnerability allows an adjacent attacker to gain unauthorized access to system memory.
The weakness exists on x86 PV guest systems due to improper handling of references in memory tables. An adjacent attacker can trigger a race condition while sending a translation lookaside buffer (TLB) flush request that involves an interprocessor interrupt (IPI) to a CPU, access all the system memory and possibly cause the system to crash.
Successful exploitation of the vulnerability may result in denial of service.
Mitigation
Install update from vendor's website.
Vulnerable software versions
Xen: 4.5.0 - 4.9.0
External links
https://xenbits.xen.org/xsa/advisory-241.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
