Xen Security Advisory CVE-2017-10912 [page transfer may allow PV guest to elevate privilege]

by CIRT Team

17 Jul 2017

in Security Advisories & Alerts

No Comments

1564

Description: Xen through 4.8.x mishandles page transfer, which allows guest OS users to obtain privileged host OS access, aka XSA-217.

Impact: A malicious pair of guests may be able to access all of system memory, allowing for all of privilege escalation, host crashes, and information leaks.

Mitigation: Updates are available. Please check specific vendor advisory for more information.

Reference URL’s:

https://xenbits.xen.org/xsa/advisory-217.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-10912

info@cirt.gov.bd

+88-02-550071 83-86

Xen Security Advisory CVE-2017-10912 [page transfer may allow PV guest to elevate privilege]

by CIRT Team

17 Jul 2017

in Security Advisories & Alerts

No Comments

1564

CIRT Team

Recommended Posts

Active Exploitation of Critical F5 BIG – IP Vulnerability (CVE–2023-46747) Uncovered in Bangladesh

Emerging Threat_Stealer Malware (Lumma C2) Campaign with fake CAPTCHA pages

Detection of Fog Ransomware Footprint in Cyber Space of Bangladesh

Subscribe here

Important links

MEMBER OF: