CVE-2017-15588 : An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to execute arbitrary code on the host OS bec

An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to execute arbitrary code on the host OS because of a race condition that can cause a stale TLB entry.

Published 2017-10-18 08:29:00

Updated 2018-10-19 10:29:03

Source MITRE

View at NVD, CVE.org

Vulnerability category: Execute code

Exploit prediction scoring system (EPSS) score for CVE-2017-15588

Probability of exploitation activity in the next 30 days: 0.08%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 31 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2017-15588

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
6.9	MEDIUM	AV:L/AC:M/Au:N/C:C/I:C/A:C	3.4	10.0	NIST
Access Vector: Local Access Complexity: Medium Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete
7.8	HIGH	CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H	1.1	6.0	NIST
Attack Vector: Local Attack Complexity: High Privileges Required: Low User Interaction: None Scope: Changed Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2017-15588

CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a code sequence that can run concurrently with other code, and the code sequence requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence that is operating concurrently.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2017-15588

https://xenbits.xen.org/xsa/advisory-241.html

XSA-241 - Xen Security Advisories
Mailing List;Mitigation;Patch;Vendor Advisory
https://lists.debian.org/debian-lts-announce/2017/11/msg00027.html

[SECURITY] [DLA 1181-1] xen security update

CVEs referencing this url
http://www.securityfocus.com/bid/101490

Xen CVE-2017-15588 Arbitrary Code Execution Vulnerability
Third Party Advisory;VDB Entry
http://www.securitytracker.com/id/1039568

Xen Multiple Flaws on x86 Systems Let Local Guest System Users Obtain Memory Contents and Potentially Sensitive Information, Deny Service on the Host System, and Gain Elevated Privileges on the Host S
Third Party Advisory;VDB Entry

CVEs referencing this url
https://support.citrix.com/article/CTX228867

Citrix XenServer Multiple Security Updates

CVEs referencing this url
https://www.debian.org/security/2017/dsa-4050

Debian -- Security Information -- DSA-4050-1 xen

CVEs referencing this url
https://lists.debian.org/debian-lts-announce/2018/10/msg00009.html

[SECURITY] [DLA 1549-1] xen security update

CVEs referencing this url
https://security.gentoo.org/glsa/201801-14

Xen: Multiple vulnerabilities (GLSA 201801-14) — Gentoo security

CVEs referencing this url

Products affected by CVE-2017-15588

XEN » XEN » Version: 4.9.0
cpe:2.3:o:xen:xen:4.9.0:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2017-15588

Exploit prediction scoring system (EPSS) score for CVE-2017-15588

CVSS scores for CVE-2017-15588

CWE ids for CVE-2017-15588

References for CVE-2017-15588

Products affected by CVE-2017-15588