CVE-2017-15588
Summary
| CVE | CVE-2017-15588 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2017-10-18 08:29:00 UTC |
| Updated | 2018-10-19 10:29:00 UTC |
| Description | An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to execute arbitrary code on the host OS because of a race condition that can cause a stale TLB entry. |
Risk And Classification
Problem Types: CWE-362
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Xen CVE-2017-15588 Arbitrary Code Execution Vulnerability | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| [SECURITY] [DLA 1549-1] xen security update | MLIST | lists.debian.org | |
| [SECURITY] [DLA 1181-1] xen security update | MLIST | lists.debian.org | |
| XSA-241 - Xen Security Advisories | CONFIRM | xenbits.xen.org | Mailing List, Mitigation, Patch, Vendor Advisory |
| Xen: Multiple vulnerabilities (GLSA 201801-14) — Gentoo security | GENTOO | security.gentoo.org | |
| Debian -- Security Information -- DSA-4050-1 xen | DEBIAN | www.debian.org | |
| Xen Multiple Flaws on x86 Systems Let Local Guest System Users Obtain Memory Contents and Potentially Sensitive Information, Deny Service on the Host System, and Gain Elevated Privileges on the Host System - SecurityTracker | SECTRACK | www.securitytracker.com | Third Party Advisory, VDB Entry |
| Citrix XenServer Multiple Security Updates | CONFIRM | support.citrix.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.