Required CVE Record Information
Description
An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to gain privileges on the host OS, obtain sensitive information, or cause a denial of service (BUG and host OS crash) by leveraging the mishandling of Populate on Demand (PoD) Physical-to-Machine (P2M) errors.
References 8 Total
- securityfocus.com: 102013 vdb-entry
- lists.debian.org: [debian-lts-announce] 20181030 [SECURITY] [DLA 1559-1] xen security update mailing-list
- securitytracker.com: 1039879 vdb-entry
- securityfocus.com: 102129 vdb-entry
- lists.debian.org: [debian-lts-announce] 20180105 [SECURITY] [DLA 1230-1] xen security update mailing-list
- https://xenbits.xen.org/xsa/advisory-247.html
- security.gentoo.org: GLSA-201801-14 vendor-advisory
- https://support.citrix.com/article/CTX230138
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 8 Total
- securityfocus.com: 102013 vdb-entryx_transferred
- lists.debian.org: [debian-lts-announce] 20181030 [SECURITY] [DLA 1559-1] xen security update mailing-listx_transferred
- securitytracker.com: 1039879 vdb-entryx_transferred
- securityfocus.com: 102129 vdb-entryx_transferred
- lists.debian.org: [debian-lts-announce] 20180105 [SECURITY] [DLA 1230-1] xen security update mailing-listx_transferred
- https://xenbits.xen.org/xsa/advisory-247.html x_transferred
- security.gentoo.org: GLSA-201801-14 vendor-advisoryx_transferred
- https://support.citrix.com/article/CTX230138 x_transferred