UBUNTU-CVE-2017-10916
See a problem?- Source
- https://ubuntu.com/security/notices/UBUNTU-CVE-2017-10916
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2017/UBUNTU-CVE-2017-10916.json
- JSON Data
- https://api.osv.dev/v1/vulns/UBUNTU-CVE-2017-10916
- Related
- Published
- 2017-07-05T01:29:00Z
- Modified
- 2017-07-05T01:29:00Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
- Summary
- [none]
- Details
-
The vCPU context-switch implementation in Xen through 4.8.x improperly interacts with the Memory Protection Extensions (MPX) and Protection Key (PKU) features, which makes it easier for guest OS users to defeat ASLR and other protection mechanisms, aka XSA-220.
- References
Affected packages
Ubuntu:16.04:LTS / xen
Package
- Name
- xen
- Purl
- pkg:deb/ubuntu/xen@4.6.5-0ubuntu1.2?arch=src?distro=xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.6.5-0ubuntu1.2
Affected versions
4.*
4.5.1-0ubuntu1
4.5.1-0ubuntu2
4.6.0-1ubuntu1
4.6.0-1ubuntu2
4.6.0-1ubuntu4
4.6.0-1ubuntu4.1
4.6.0-1ubuntu4.2
4.6.0-1ubuntu4.3
4.6.5-0ubuntu1
4.6.5-0ubuntu1.1
Ecosystem specific
{
"availability": "No subscription required",
"ubuntu_priority": "medium",
"binaries": [
{
"xen-hypervisor-4.6-armhf": "4.6.5-0ubuntu1.2",
"libxenstore3.0": "4.6.5-0ubuntu1.2",
"xenstore-utils-dbgsym": "4.6.5-0ubuntu1.2",
"xen-hypervisor-4.5-armhf": "4.6.5-0ubuntu1.2",
"libxenstore3.0-dbgsym": "4.6.5-0ubuntu1.2",
"xen-hypervisor-4.5-amd64": "4.6.5-0ubuntu1.2",
"xen-utils-4.6": "4.6.5-0ubuntu1.2",
"libxen-dev": "4.6.5-0ubuntu1.2",
"xen-system-amd64": "4.6.5-0ubuntu1.2",
"xen-hypervisor-4.4-arm64": "4.6.5-0ubuntu1.2",
"xenstore-utils": "4.6.5-0ubuntu1.2",
"xen-system-armhf": "4.6.5-0ubuntu1.2",
"xen-utils-common": "4.6.5-0ubuntu1.2",
"libxen-4.6": "4.6.5-0ubuntu1.2",
"xen-hypervisor-4.4-amd64": "4.6.5-0ubuntu1.2",
"xen-hypervisor-4.6-amd64": "4.6.5-0ubuntu1.2",
"xen-hypervisor-4.5-arm64": "4.6.5-0ubuntu1.2",
"xen-utils-4.6-dbgsym": "4.6.5-0ubuntu1.2",
"xen-hypervisor-4.4-armhf": "4.6.5-0ubuntu1.2",
"xen-hypervisor-4.6-arm64": "4.6.5-0ubuntu1.2",
"libxen-4.6-dbgsym": "4.6.5-0ubuntu1.2",
"xen-system-arm64": "4.6.5-0ubuntu1.2"
}
]
}