CVE-2017-10922

Published: 05 July 2017

The grant-table feature in Xen through 4.8.x mishandles MMIO region grant references, which allows guest OS users to cause a denial of service (loss of grant trackability), aka XSA-224 bug 3.

Priority

CVSS 3 base score: 7.5

Status

Package	Release	Status
xen Launchpad, Ubuntu, Debian	Upstream	Needs triage




	Ubuntu 16.04 ESM (Xenial Xerus)	Released (4.6.5-0ubuntu1.2)
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist (trusty was released [4.4.2-0ubuntu0.14.04.12])
	Binaries built from this source package are in Universe and so are supported by the community.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10922
https://xenbits.xen.org/xsa/advisory-224.html
NVD
Launchpad
Debian

Join the discussion

Ubuntu security updates mailing list
Security announcements mailing list

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

CVE-2017-10922

Medium

Status

References

Join the discussion

Canonical is offering Extended Security Maintenance

Further reading