Launchpad.net

CVE 2017-10920

The grant-table feature in Xen through 4.8.x mishandles a GNTMAP_device_map and GNTMAP_host_map mapping, when followed by only a GNTMAP_host_map unmapping, which allows guest OS users to cause a denial of service (count mismanagement and memory corruption) or obtain privileged host OS access, aka XSA-224 bug 1.

Related bugs and status

CVE-2017-10920 (Candidate) is related to these bugs:

Bug #1321144: /etc/default/grub.d/xen.cfg only works on english language system

		In	Importance	Status
1321144	/etc/default/grub.d/xen.cfg only works on english language system	xen (Ubuntu)	Medium	Fix Released
1321144	/etc/default/grub.d/xen.cfg only works on english language system	xen (Ubuntu Zesty)	Medium	Won't Fix
1321144	/etc/default/grub.d/xen.cfg only works on english language system	xen (Ubuntu Xenial)	Medium	Incomplete

See the

CVE page on Mitre.org for more details.

References

CONFIRM: https://xenbits.xen.or...
SECTRACK: 1038734
GENTOO: GLSA-201708-03
GENTOO: GLSA-201710-17
DEBIAN: DSA-3969