Vulnerability Name:

CVE-2017-14319

Assigned:2017-09-12
Published:2017-09-12
Updated:2017-11-14
Summary:A grant unmapping issue was discovered in Xen through 4.9.x. When removing or replacing a grant mapping, the x86 PV specific path needs to make sure page table entries remain in sync with other accounting done. Although the identity of the page frame was validated correctly, neither the presence of the mapping nor page writability were taken into account.
CVSS v3 Severity:8.8 High (CVSS v3 Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)
7.7 High (Temporal CVSS v3 Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
9.3 Critical (CCN CVSS v3 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
8.1 High (CCN Temporal CVSS v3 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
7.2 High (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-264
References:Source: BID
Type: VENDOR_ADVISORY
100819

Source: SECTRACK
Type: VENDOR_ADVISORY
1039351

Source: CONFIRM
Type: VENDOR_ADVISORY
http://xenbits.xen.org/xsa/advisory-234.html

Source: XF
Type: UNKNOWN
xen-cve201714319-priv-esc(131777)

Source: CONFIRM
Type: UNKNOWN
https://support.citrix.com/article/CTX227185

Vulnerable Configuration:Configuration 1:
  • cpe:/o:xen:xen:4.9.0:*:*:*:*:*:*:*

  • Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:201714319
    V
    CVE-2017-14319
    2017-11-19
    oval:com.ubuntu.trusty:def:201714319000
    V
    CVE-2017-14319 on Ubuntu 14.04 LTS (trusty) - medium.
    2017-09-12
    oval:com.ubuntu.xenial:def:201714319000
    V
    CVE-2017-14319 on Ubuntu 16.04 LTS (xenial) - medium.
    2017-09-12
    BACK
    xen xen 4.9.0