arch/x86/mm.c in Xen allows local PV guest OS users to gain host OS privileges via vectors related to map_grant_ref.
| Date Added | Due Date | Vulnerability Name | Required Action |
|---|---|---|---|
| N/A |
| Type | Version | Base score | Base severity | Vector |
|---|---|---|---|---|
| Primary | 3.0 | 8.8 | HIGH | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H |
| Primary | 2.0 | 7.2 | HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
| Hyperlink | Source | Resource |
|---|---|---|
| http://www.debian.org/security/2017/dsa-3969 | cve@mitre.org | Third Party Advisory |
| http://www.openwall.com/lists/oss-security/2017/08/15/2 | cve@mitre.org | Mailing List Mitigation Patch Third Party Advisory |
| http://www.securityfocus.com/bid/100342 | cve@mitre.org | Third Party Advisory VDB Entry |
| http://www.securitytracker.com/id/1039174 | cve@mitre.org | Third Party Advisory VDB Entry |
| http://xenbits.xen.org/xsa/advisory-227.html | cve@mitre.org | Patch Vendor Advisory |
| https://bugzilla.redhat.com/show_bug.cgi?id=1477657 | cve@mitre.org | Issue Tracking Patch Third Party Advisory |
| https://security.gentoo.org/glsa/201801-14 | cve@mitre.org | Third Party Advisory |
| https://support.citrix.com/article/CTX225941 | cve@mitre.org | Patch Third Party Advisory |
| http://www.debian.org/security/2017/dsa-3969 | af854a3a-2127-422b-91ae-364da2661108 | Third Party Advisory |
| http://www.openwall.com/lists/oss-security/2017/08/15/2 | af854a3a-2127-422b-91ae-364da2661108 | Mailing List Mitigation Patch Third Party Advisory |
| http://www.securityfocus.com/bid/100342 | af854a3a-2127-422b-91ae-364da2661108 | Third Party Advisory VDB Entry |
| http://www.securitytracker.com/id/1039174 | af854a3a-2127-422b-91ae-364da2661108 | Third Party Advisory VDB Entry |
| http://xenbits.xen.org/xsa/advisory-227.html | af854a3a-2127-422b-91ae-364da2661108 | Patch Vendor Advisory |
| https://bugzilla.redhat.com/show_bug.cgi?id=1477657 | af854a3a-2127-422b-91ae-364da2661108 | Issue Tracking Patch Third Party Advisory |
| https://security.gentoo.org/glsa/201801-14 | af854a3a-2127-422b-91ae-364da2661108 | Third Party Advisory |
| https://support.citrix.com/article/CTX225941 | af854a3a-2127-422b-91ae-364da2661108 | Patch Third Party Advisory |