CVE-2017-10923

Опубликовано: 05 июл. 2017

Источник: debian

EPSS Низкий

Описание

Xen through 4.8.x does not validate a vCPU array index upon the sending of an SGI, which allows guest OS users to cause a denial of service (hypervisor crash), aka XSA-225.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
xen	fixed	4.8.1-1+deb9u3		package
xen	fixed	4.8.1-1+deb9u3	stretch	package
xen	not-affected		jessie	package
xen	not-affected		wheezy	package

Примечания

https://xenbits.xen.org/xsa/advisory-225.html

EPSS

Процентиль: 73%

0.00779

Низкий

Связанные уязвимости

CVE-2017-10923

CVSS3: 6.5

ubuntu

больше 8 лет назад

Xen through 4.8.x does not validate a vCPU array index upon the sending of an SGI, which allows guest OS users to cause a denial of service (hypervisor crash), aka XSA-225.

CVE-2017-10923

CVSS3: 7.7

redhat

больше 8 лет назад

Xen through 4.8.x does not validate a vCPU array index upon the sending of an SGI, which allows guest OS users to cause a denial of service (hypervisor crash), aka XSA-225.

CVE-2017-10923

CVSS3: 6.5

nvd

больше 8 лет назад

Xen through 4.8.x does not validate a vCPU array index upon the sending of an SGI, which allows guest OS users to cause a denial of service (hypervisor crash), aka XSA-225.

GHSA-83mw-xpgw-63qr

CVSS3: 6.5

github

больше 3 лет назад

Xen through 4.8.x does not validate a vCPU array index upon the sending of an SGI, which allows guest OS users to cause a denial of service (hypervisor crash), aka XSA-225.

EPSS

Процентиль: 73%

0.00779

Низкий