Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2017-10914

The grant-table feature in Xen through 4.8.x has a race condition leading to a double free, which allows guest OS users to cause a denial of service (memory consumption), or possibly obtain sensitive information or gain privileges, aka XSA-218 bug 2.

Related bugs and status

CVE-2017-10914 (Candidate) is related to these bugs:

Bug #1321144: /etc/default/grub.d/xen.cfg only works on english language system

		In	Importance	Status
1321144	/etc/default/grub.d/xen.cfg only works on english language system	xen (Ubuntu)	Medium	Fix Released
1321144	/etc/default/grub.d/xen.cfg only works on english language system	xen (Ubuntu Zesty)	Medium	Won't Fix
1321144	/etc/default/grub.d/xen.cfg only works on english language system	xen (Ubuntu Xenial)	Medium	Incomplete

See the

CVE page on Mitre.org for more details.

References

CONFIRM: https://xenbits.xen.or...
BID: 99411
SECTRACK: 1038722
GENTOO: GLSA-201708-03
GENTOO: GLSA-201710-17
DEBIAN: DSA-3969