CVE-2019-17347

Name
CVE-2019-17347
Description
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges because a guest can manipulate its virtualised %cr4 in a way that is incompatible with Linux (and possibly other guest kernels).
NVD Severity
medium
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
Vendor Advisory https://xenbits.xen.org/xsa/advisory-293.html
MLIST http://www.openwall.com/lists/oss-security/2019/10/25/8
CONFIRM http://xenbits.xen.org/xsa/advisory-293.html
DEBIAN https://www.debian.org/security/2020/dsa-4602
BUGTRAQ https://seclists.org/bugtraq/2020/Jan/21

Match rules

CPE URI Source package Min version Max version
cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:* xen >= 4.1.0 <= 4.11.2

Vulnerable and fixed packages

Source package Branch Version Maintainer Status