Note:
This project will be discontinued after December 13, 2021. [more]
2017-10-18
An issue was discovered in Xen 4.5.x through 4.9.x allowing attackers (who control a stub domain kernel or tool stack) to cause a denial of service (host OS crash) because of a missing comparison (of range start to range end) within the DMOP map/unmap implementation.
Products | Xen |
Type | Improper Input Validation (CWE-20) |
First patch | - None (likely due to unavailable code) |
Links |
• https://xenbits.xen.org/xsa/advisory-238.html
• https://security.gentoo.org/glsa/201801-14 |