Vulnerability CVE-2019-17349

Vulnerability Name:

CVE-2019-17349 (CCN-168526)

Assigned:

2019-06-13

Published:

2019-06-13

Updated:

2023-02-03

Summary:

CVSS v3 Severity:

5.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
4.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
6.5 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

CVSS v2 Severity:

4.9 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Complete

7.8 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Complete

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2019-17349

Source: CCN
Type: Xen Security Advisory XSA-295
Unlimited Arm Atomics Operations

Source: cve@mitre.org
Type: Patch, Vendor Advisory
cve@mitre.org

Source: XF
Type: UNKNOWN
xen-cve201917349-dos(168526)

Source: cve@mitre.org
Type: Mailing List, Third Party Advisory
cve@mitre.org

Source: cve@mitre.org
Type: Third Party Advisory
cve@mitre.org

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2019-17349

Source: cve@mitre.org
Type: Vendor Advisory
cve@mitre.org

Vulnerable Configuration:

Configuration CCN 1:

cpe:/a:xensource:xen:*:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:201917349	V	CVE-2019-17349	2023-06-22
oval:org.opensuse.security:def:7706	P	libyaml-cpp0_6-0.6.3-150400.4.3.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7684	P	libtspi1-0.3.15-150400.1.10 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7831	P	xen-libs-4.17.0_06-150500.1.10 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:635	P	Security update for rubygem-activesupport-5_1 (Moderate) (in QA)	2022-09-29
oval:org.opensuse.security:def:94253	P	(Important)	2022-07-06
oval:org.opensuse.security:def:3225	P	libopus0-1.1-3.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3401	P	xen-4.12.1_06-1.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3535	P	java-1_8_0-openjdk-1.8.0.222-27.35.2 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3823	P	xen-4.12.1_06-1.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:95165	P	xen-4.16.0_08-150400.2.12 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:94855	P	xen-libs-4.16.0_08-150400.2.12 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:917	P	Security update for vim (Important)	2022-06-16
oval:org.opensuse.security:def:336	P	xen-libs-4.14.1_16-1.6 on GA media (Moderate)	2022-06-13
oval:org.opensuse.security:def:388	P	xen-libs-4.16.0_08-150400.2.12 on GA media (Moderate)	2022-06-10
oval:org.opensuse.security:def:1666	P	Security update for libvirt (Moderate)	2022-05-05
oval:org.opensuse.security:def:113591	P	xen-4.15.1_01-1.2 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:8729	P	Security update for libvirt (Important)	2022-01-05
oval:org.opensuse.security:def:6725	P	Security update for the Linux Kernel (Live Patch 23 for SLE 15) (Important)	2021-12-14
oval:org.opensuse.security:def:100686	P	(Moderate)	2021-12-03
oval:org.opensuse.security:def:8867	P	Security update for ruby2.5 (Important)	2021-12-01
oval:org.opensuse.security:def:9050	P	Security update for libvirt (Important)	2021-10-27
oval:org.opensuse.security:def:106977	P	xen-4.15.1_01-1.2 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:9037	P	Security update for ffmpeg (Important)	2021-09-23
oval:org.opensuse.security:def:1265	P	Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP3) (Important)	2021-09-16
oval:org.opensuse.security:def:66922	P	Security update for openssl-1_0_0 (Low)	2021-09-09
oval:org.opensuse.security:def:93973	P	(Important)	2021-09-03
oval:org.opensuse.security:def:9028	P	Security update for dovecot23 (Moderate)	2021-08-31
oval:org.opensuse.security:def:70278	P	Security update for php7 (Important)	2021-08-20
oval:org.opensuse.security:def:9019	P	Security update for openexr (Important)	2021-08-20
oval:org.opensuse.security:def:69904	P	Security update for c-ares (Important)	2021-08-17
oval:org.opensuse.security:def:6957	P	Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP1) (Important)	2021-08-17
oval:org.opensuse.security:def:48342	P	xen-4.12.1_06-1.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:15222	P	xen-4.12.1_06-1.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:101411	P	xen-4.14.1_16-1.6 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63385	P	xen-4.14.1_16-1.6 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2296	P	xen-4.14.1_16-1.6 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:101112	P	xen-libs-4.14.1_16-1.6 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62354	P	xen-libs-4.14.1_16-1.6 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:72095	P	xen-libs-4.14.1_16-1.6 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:100966	P	libqpdf26-9.0.2-1.36 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:8805	P	Security update for sqlite3 (Important)	2021-07-14
oval:org.opensuse.security:def:10646	P	Security update for gupnp (Important)	2021-06-24
oval:org.opensuse.security:def:8986	P	Security update for wireshark (Important)	2021-06-22
oval:org.opensuse.security:def:66830	P	Security update for postgresql10 (Moderate)	2021-06-14
oval:org.opensuse.security:def:11470	P	unixODBC-2.3.1-4.95 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11448	P	python-libxml2-2.9.1-6.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:8961	P	Security update for nginx (Important)	2021-06-02
oval:org.opensuse.security:def:8759	P	Security update for djvulibre (Important)	2021-05-19
oval:org.opensuse.security:def:9710	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:73613	P	Security update for libxml2 (Moderate)	2021-05-05
oval:org.opensuse.security:def:6882	P	Security update for the Linux Kernel (Live Patch 21 for SLE 15 SP1) (Important)	2021-04-28
oval:org.opensuse.security:def:9688	P	Security update for xorg-x11-server (Important)	2021-04-14
oval:org.opensuse.security:def:8737	P	Security update for open-iscsi (Important)	2021-04-13
oval:org.opensuse.security:def:70009	P	Security update for gnutls (Important)	2021-03-24
oval:org.opensuse.security:def:7024	P	Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP1) (Important)	2021-03-17
oval:org.opensuse.security:def:6733	P	Security update for the Linux Kernel (Live Patch 18 for SLE 15) (Important)	2021-03-17
oval:org.opensuse.security:def:7015	P	Security update for the Linux Kernel (Live Patch 22 for SLE 15 SP1) (Important)	2021-03-17
oval:org.opensuse.security:def:49304	P	Security update for python-Jinja2 (Important)	2021-02-25
oval:org.opensuse.security:def:6982	P	Security update for the Linux Kernel (Live Patch 21 for SLE 15 SP1) (Important)	2021-02-10
oval:org.opensuse.security:def:8886	P	Security update for subversion (Important)	2021-02-10
oval:org.opensuse.security:def:8852	P	Security update for java-11-openjdk (Important)	2021-02-09
oval:org.opensuse.security:def:70173	P	Security update for openssh (Moderate)	2020-12-18
oval:org.opensuse.security:def:6848	P	Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP1) (Important)	2020-12-07
oval:org.opensuse.security:def:107632	P	xen-4.13.1_02-1.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:117190	P	xen-4.13.1_02-1.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13214	P	xen-4.12.1_06-1.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63311	P	xen-4.13.1_02-1.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2222	P	xen-4.13.1_02-1.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:107352	P	xen-libs-4.13.1_02-1.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62006	P	xen-libs-4.13.1_02-1.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:16984	P	xen-devel-4.12.1_06-1.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:116910	P	xen-libs-4.13.1_02-1.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:71747	P	xen-libs-4.13.1_02-1.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:10788	P	libsilc-1_1-2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:66653	P	xen-libs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:36979	P	openvpn on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10746	P	libimobiledevice-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37459	P	gv on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6863	P	wget on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:73495	P	cups-ddk on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10797	P	libtag-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10497	P	libgcrypt-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37727	P	apache-commons-daemon on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38518	P	xen on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37619	P	mailx on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10810	P	libwmf-0_2-7 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10519	P	libmodplug-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37766	P	davfs2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:36980	P	openvswitch on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37678	P	squashfs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50053	P	davfs2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10565	P	libxml2-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37794	P	ghostscript on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:36991	P	perl-Cyrus-IMAP on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49358	P	xen-libs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10612	P	xorg-x11-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37838	P	libFLAC++6 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37075	P	avahi on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:7033	P	libexempi3 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:66561	P	libyaml-0-2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10627	P	apache2-mod_perl-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37211	P	libjavascriptcoregtk-3_0-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:7046	P	libgypsy0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6755	P	libsmi on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50107	P	xen on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10489	P	libcolord-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:73344	P	xen-libs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38476	P	ruby on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37312	P	python-imaging on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:73226	P	libssh2-1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6801	P	openvpn on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10721	P	libblkid-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37369	P	zoo on GA media (Moderate)	2020-12-01
oval:com.ubuntu.disco:def:2019173490000000	V	CVE-2019-17349 on Ubuntu 19.04 (disco) - medium.	2019-10-08
oval:com.ubuntu.bionic:def:2019173490000000	V	CVE-2019-17349 on Ubuntu 18.04 LTS (bionic) - medium.	2019-10-08
oval:com.ubuntu.xenial:def:2019173490000000	V	CVE-2019-17349 on Ubuntu 16.04 LTS (xenial) - medium.	2019-10-08

BACK