CVE-2018-10472

Vulnerability from cvelistv5

Published

2018-04-27 15:00

Modified

2024-08-05 07:39

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://www.securityfocus.com/bid/104002	Third Party Advisory, VDB Entry
cve@mitre.org	https://lists.debian.org/debian-lts-announce/2018/10/msg00021.html
cve@mitre.org	https://security.gentoo.org/glsa/201810-06
cve@mitre.org	https://www.debian.org/security/2018/dsa-4201	Third Party Advisory
cve@mitre.org	https://xenbits.xen.org/xsa/advisory-258.html	Mitigation, Vendor Advisory

Impacted products

▼	Vendor	Product
	n/a	n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T07:39:07.640Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "GLSA-201810-06",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201810-06"
          },
          {
            "name": "[debian-lts-announce] 20181030 [SECURITY] [DLA 1559-1] xen security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00021.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://xenbits.xen.org/xsa/advisory-258.html"
          },
          {
            "name": "104002",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/104002"
          },
          {
            "name": "DSA-4201",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4201"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-04-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users (in certain configurations) to read arbitrary dom0 files via QMP live insertion of a CDROM, in conjunction with specifying the target file as the backing file of a snapshot."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-31T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "GLSA-201810-06",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201810-06"
        },
        {
          "name": "[debian-lts-announce] 20181030 [SECURITY] [DLA 1559-1] xen security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00021.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://xenbits.xen.org/xsa/advisory-258.html"
        },
        {
          "name": "104002",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/104002"
        },
        {
          "name": "DSA-4201",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4201"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-10472",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users (in certain configurations) to read arbitrary dom0 files via QMP live insertion of a CDROM, in conjunction with specifying the target file as the backing file of a snapshot."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "GLSA-201810-06",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201810-06"
            },
            {
              "name": "[debian-lts-announce] 20181030 [SECURITY] [DLA 1559-1] xen security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00021.html"
            },
            {
              "name": "https://xenbits.xen.org/xsa/advisory-258.html",
              "refsource": "CONFIRM",
              "url": "https://xenbits.xen.org/xsa/advisory-258.html"
            },
            {
              "name": "104002",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/104002"
            },
            {
              "name": "DSA-4201",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4201"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-10472",
    "datePublished": "2018-04-27T15:00:00",
    "dateReserved": "2018-04-27T00:00:00",
    "dateUpdated": "2024-08-05T07:39:07.640Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2018-10472\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2018-04-27T15:29:00.390\",\"lastModified\":\"2018-10-31T10:30:43.857\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users (in certain configurations) to read arbitrary dom0 files via QMP live insertion of a CDROM, in conjunction with specifying the target file as the backing file of a snapshot.\"},{\"lang\":\"es\",\"value\":\"Se ha descubierto un problema en Xen hasta las versiones 4.10.x que permite que usuarios HVM x86 del sistema operativo invitado (en ciertas configuraciones) lean archivos dom0 arbitrarios mediante la inserci\u00f3n QMP de un CDROM, adem\u00e1s de especificando el archivo objetivo como el archivo de copia de seguridad de una captura.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\",\"baseScore\":5.6,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":1.1,\"impactScore\":4.0}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:M/Au:N/C:P/I:N/A:N\",\"accessVector\":\"LOCAL\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\",\"baseScore\":1.9},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.4,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:*:*:*:*:*:*:x86:*\",\"versionEndIncluding\":\"4.10.1\",\"matchCriteriaId\":\"B87EBFBC-E284-42FD-8C3E-67BD80CADCAA\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/104002\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2018/10/msg00021.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://security.gentoo.org/glsa/201810-06\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.debian.org/security/2018/dsa-4201\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://xenbits.xen.org/xsa/advisory-258.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]}]}}"
  }
}

gsd-2018-10472

Vulnerability from gsd

Modified

2023-12-13 01:22

Details

Aliases

CVE-2018-10472

Aliases

CVE-2018-10472

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2018-10472",
    "description": "An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users (in certain configurations) to read arbitrary dom0 files via QMP live insertion of a CDROM, in conjunction with specifying the target file as the backing file of a snapshot.",
    "id": "GSD-2018-10472",
    "references": [
      "https://www.suse.com/security/cve/CVE-2018-10472.html",
      "https://www.debian.org/security/2018/dsa-4201"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2018-10472"
      ],
      "details": "An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users (in certain configurations) to read arbitrary dom0 files via QMP live insertion of a CDROM, in conjunction with specifying the target file as the backing file of a snapshot.",
      "id": "GSD-2018-10472",
      "modified": "2023-12-13T01:22:41.453381Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2018-10472",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users (in certain configurations) to read arbitrary dom0 files via QMP live insertion of a CDROM, in conjunction with specifying the target file as the backing file of a snapshot."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "GLSA-201810-06",
            "refsource": "GENTOO",
            "url": "https://security.gentoo.org/glsa/201810-06"
          },
          {
            "name": "[debian-lts-announce] 20181030 [SECURITY] [DLA 1559-1] xen security update",
            "refsource": "MLIST",
            "url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00021.html"
          },
          {
            "name": "https://xenbits.xen.org/xsa/advisory-258.html",
            "refsource": "CONFIRM",
            "url": "https://xenbits.xen.org/xsa/advisory-258.html"
          },
          {
            "name": "104002",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/104002"
          },
          {
            "name": "DSA-4201",
            "refsource": "DEBIAN",
            "url": "https://www.debian.org/security/2018/dsa-4201"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:xen:xen:*:*:*:*:*:*:x86:*",
                "cpe_name": [],
                "versionEndIncluding": "4.10.1",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-10472"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users (in certain configurations) to read arbitrary dom0 files via QMP live insertion of a CDROM, in conjunction with specifying the target file as the backing file of a snapshot."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-200"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://xenbits.xen.org/xsa/advisory-258.html",
              "refsource": "CONFIRM",
              "tags": [
                "Mitigation",
                "Vendor Advisory"
              ],
              "url": "https://xenbits.xen.org/xsa/advisory-258.html"
            },
            {
              "name": "DSA-4201",
              "refsource": "DEBIAN",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://www.debian.org/security/2018/dsa-4201"
            },
            {
              "name": "104002",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/104002"
            },
            {
              "name": "[debian-lts-announce] 20181030 [SECURITY] [DLA 1559-1] xen security update",
              "refsource": "MLIST",
              "tags": [],
              "url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00021.html"
            },
            {
              "name": "GLSA-201810-06",
              "refsource": "GENTOO",
              "tags": [],
              "url": "https://security.gentoo.org/glsa/201810-06"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 1.9,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 3.4,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "LOW",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.0"
          },
          "exploitabilityScore": 1.1,
          "impactScore": 4.0
        }
      },
      "lastModifiedDate": "2018-10-31T10:30Z",
      "publishedDate": "2018-04-27T15:29Z"
    }
  }
}

ghsa-pg2r-jv9g-9mg7

Vulnerability from github

Published

2022-05-14 02:03

Modified

2022-05-14 02:03

Severity ?

5.6 (Medium) - CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2018-10472"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-04-27T15:29:00Z",
    "severity": "MODERATE"
  },
  "details": "An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users (in certain configurations) to read arbitrary dom0 files via QMP live insertion of a CDROM, in conjunction with specifying the target file as the backing file of a snapshot.",
  "id": "GHSA-pg2r-jv9g-9mg7",
  "modified": "2022-05-14T02:03:24Z",
  "published": "2022-05-14T02:03:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10472"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00021.html"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/201810-06"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2018/dsa-4201"
    },
    {
      "type": "WEB",
      "url": "https://xenbits.xen.org/xsa/advisory-258.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/104002"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users (in certain configurations) to read arbitrary dom0 files via QMP live insertion of a CDROM, in conjunction with specifying the target file as the backing file of a snapshot. Xen Contains an information disclosure vulnerability.Information may be obtained. Xen is an open source virtual machine monitor product developed by the University of Cambridge, England. The product enables different and incompatible operating systems to run on the same computer and supports migration at runtime to ensure proper operation and avoid downtime. There are security vulnerabilities in Xen 4.10.x and earlier. An attacker could exploit this vulnerability to read any dom0 file. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512

Debian Security Advisory DSA-4201-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff May 15, 2018 https://www.debian.org/security/faq

Package : xen CVE ID : CVE-2018-8897 CVE-2018-10471 CVE-2018-10472 CVE-2018-10981 CVE-2018-10982

Multiple vulnerabilities have been discovered in the Xen hypervisor:

CVE-2018-8897

Andy Lutomirski and Nick Peterson discovered that incorrect handling
of debug exceptions could result in privilege escalation.

CVE-2018-10471

An error was discovered in the mitigations against Meltdown which
could result in denial of service.

CVE-2018-10472

Anthony Perard discovered that incorrect parsing of CDROM images
can result in information disclosure.

CVE-2018-10981

Jan Beulich discovered that malformed device models could result
in denial of service.

CVE-2018-10982

Roger Pau Monne discovered that incorrect handling of high precision
event timers could result in denial of service and potentially
privilege escalation.

For the stable distribution (stretch), these problems have been fixed in version 4.8.3+comet2+shim4.10.0+comet3-1+deb9u6.

We recommend that you upgrade your xen packages.

For the detailed security status of xen please refer to its security tracker page at: https://security-tracker.debian.org/tracker/xen

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlr7PHoACgkQEMKTtsN8 TjbvyBAAqSJFsDcTo75hggE1faIttXR3UKOwJ4eSKbkf3G6/JnvotuO5z4bQXDBC XZfkL6kOTl579vmCGgCvBv/SrrPrJ1ibhrw+Dz1MIcjX4Yt9mb6NriWuMTObknca uw6qJakWZTB3tFcp3LlmN80B8lY/67XR8mQaZ4f0yHhGEfqIunEtSgLelmp5lLu2 M/m1iH9zQon3muhQiXiHJeMg1ghJ3xvFKbuEU9prih4NNinxquv0pmAzfbPCCBN6 E4cuEjArzdnwLydeWfCoLrFOZh5rvoMTmmK8gj2/KVlbC5YgJ5/xVlc89B4PaJKL m3oUV2dnLEpubC7uuXSOoejMnfbPcOGM4VYrmuIuxEfZZVNYE/NxvmNCZ+JDzQV7 Z939vOgyqyuojFFt7lgvoCWM2Q3xDRMrE9akK1KyAGmvyRzoczblw8N6dzL8sain gs5LUE/5dCJWQWv4IPz/V/nl50Lh+tYjbdVuZaiXxKYiqiWuCY0Ea+8QIb2UWGrk rC2BUYaoYBEo0vQhzBIi91E2hyQ+2Y6+zP6zTVTEA8PDw2YnfdffzydQ3Z9l4OSN IoTOojXPpMdcCSVzBC5OkvzBuQ6qzkVh3vftxajYazuiSrPJl8KenLJ6jFlpCzA3 p+140rFiElDCUkHacCmfs4zWQ+/ZLcoAppIxvxDEZYWyRJp3qgU= =KAUD -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201810-06

                                       https://security.gentoo.org/

Severity: Normal Title: Xen: Multiple vulnerabilities Date: October 30, 2018 Bugs: #643350, #655188, #655544, #659442 ID: 201810-06

Synopsis

Multiple vulnerabilities have been found in Xen, the worst of which could cause a Denial of Service condition.

Background

Xen is a bare-metal hypervisor.

Affected packages

-------------------------------------------------------------------
 Package              /     Vulnerable     /            Unaffected
-------------------------------------------------------------------

1 app-emulation/xen < 4.10.1-r2 >= 4.10.1-r2 2 app-emulation/xen-tools < 4.10.1-r2 >= 4.10.1-r2 ------------------------------------------------------------------- 2 affected packages

Description

Multiple vulnerabilities have been discovered in Xen. Please review the referenced CVE identifiers for details.

Impact

A local attacker could cause a Denial of Service condition or disclose sensitive information.

Workaround

There is no known workaround at this time.

Resolution

All Xen users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=app-emulation/xen-4.10.1-r2"

All Xen tools users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot -v ">=app-emulation/xen-tools-4.10.1-r2"

References

[ 1 ] CVE-2017-5715 https://nvd.nist.gov/vuln/detail/CVE-2017-5715 [ 2 ] CVE-2017-5753 https://nvd.nist.gov/vuln/detail/CVE-2017-5753 [ 3 ] CVE-2017-5754 https://nvd.nist.gov/vuln/detail/CVE-2017-5754 [ 4 ] CVE-2018-10471 https://nvd.nist.gov/vuln/detail/CVE-2018-10471 [ 5 ] CVE-2018-10472 https://nvd.nist.gov/vuln/detail/CVE-2018-10472 [ 6 ] CVE-2018-10981 https://nvd.nist.gov/vuln/detail/CVE-2018-10981 [ 7 ] CVE-2018-10982 https://nvd.nist.gov/vuln/detail/CVE-2018-10982 [ 8 ] CVE-2018-12891 https://nvd.nist.gov/vuln/detail/CVE-2018-12891 [ 9 ] CVE-2018-12892 https://nvd.nist.gov/vuln/detail/CVE-2018-12892 [ 10 ] CVE-2018-12893 https://nvd.nist.gov/vuln/detail/CVE-2018-12893 [ 11 ] CVE-2018-15468 https://nvd.nist.gov/vuln/detail/CVE-2018-15468 [ 12 ] CVE-2018-15469 https://nvd.nist.gov/vuln/detail/CVE-2018-15469 [ 13 ] CVE-2018-15470 https://nvd.nist.gov/vuln/detail/CVE-2018-15470 [ 14 ] CVE-2018-3620 https://nvd.nist.gov/vuln/detail/CVE-2018-3620 [ 15 ] CVE-2018-3646 https://nvd.nist.gov/vuln/detail/CVE-2018-3646 [ 16 ] CVE-2018-5244 https://nvd.nist.gov/vuln/detail/CVE-2018-5244 [ 17 ] CVE-2018-7540 https://nvd.nist.gov/vuln/detail/CVE-2018-7540 [ 18 ] CVE-2018-7541 https://nvd.nist.gov/vuln/detail/CVE-2018-7541 [ 19 ] CVE-2018-7542 https://nvd.nist.gov/vuln/detail/CVE-2018-7542

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

https://security.gentoo.org/glsa/201810-06

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

License

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201804-0701",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "linux",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "debian",
        "version": "9.0"
      },
      {
        "model": "xen",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "xen",
        "version": "4.10.1"
      },
      {
        "model": "gnu/linux",
        "scope": null,
        "trust": 0.8,
        "vendor": "debian",
        "version": null
      },
      {
        "model": "xen",
        "scope": null,
        "trust": 0.8,
        "vendor": "xen",
        "version": null
      },
      {
        "model": "xen",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "xen",
        "version": "\u003c=4.10.*"
      },
      {
        "model": "xen",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xen",
        "version": "4.7"
      },
      {
        "model": "xen",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xen",
        "version": "4.6"
      },
      {
        "model": "xen",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xen",
        "version": "4.9"
      },
      {
        "model": "xen",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xen",
        "version": "4.6.3"
      },
      {
        "model": "xen",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xen",
        "version": "4.10"
      },
      {
        "model": "linux sparc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "6.0"
      },
      {
        "model": "linux s/390",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "6.0"
      },
      {
        "model": "linux powerpc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "6.0"
      },
      {
        "model": "linux mips",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "6.0"
      },
      {
        "model": "linux ia-64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "6.0"
      },
      {
        "model": "linux ia-32",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "6.0"
      },
      {
        "model": "linux arm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "6.0"
      },
      {
        "model": "linux amd64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "6.0"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-10143"
      },
      {
        "db": "BID",
        "id": "104002"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004610"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-10472"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201804-1511"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:xen:xen:*:*:*:*:*:*:x86:*",
                "cpe_name": [],
                "versionEndIncluding": "4.10.1",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-10472"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Anthony Perard of Citrix.",
    "sources": [
      {
        "db": "BID",
        "id": "104002"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2018-10472",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 1.9,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.4,
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "LOW",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Local",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 1.9,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2018-10472",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Low",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2018-10143",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.1,
            "impactScore": 4.0,
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.0"
          },
          {
            "attackComplexity": "High",
            "attackVector": "Local",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 5.6,
            "baseSeverity": "Medium",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2018-10472",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "Low",
            "scope": "Changed",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2018-10472",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2018-10143",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201804-1511",
            "trust": 0.6,
            "value": "LOW"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-10143"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004610"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-10472"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201804-1511"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users (in certain configurations) to read arbitrary dom0 files via QMP live insertion of a CDROM, in conjunction with specifying the target file as the backing file of a snapshot. Xen Contains an information disclosure vulnerability.Information may be obtained. Xen is an open source virtual machine monitor product developed by the University of Cambridge, England. The product enables different and incompatible operating systems to run on the same computer and supports migration at runtime to ensure proper operation and avoid downtime. There are security vulnerabilities in Xen 4.10.x and earlier. An attacker could exploit this vulnerability to read any dom0 file. \nAttackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4201-1                   security@debian.org\nhttps://www.debian.org/security/                       Moritz Muehlenhoff\nMay 15, 2018                          https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage        : xen\nCVE ID         : CVE-2018-8897 CVE-2018-10471 CVE-2018-10472 CVE-2018-10981 \n                 CVE-2018-10982\n\nMultiple vulnerabilities have been discovered in the Xen hypervisor:\n\nCVE-2018-8897\n\n    Andy Lutomirski and Nick Peterson discovered that incorrect handling\n    of debug exceptions could result in privilege escalation. \n\nCVE-2018-10471\n\n    An error was discovered in the mitigations against Meltdown which\n    could result in denial of service. \n\nCVE-2018-10472\n\n    Anthony Perard discovered that incorrect parsing of CDROM images\n    can result in information disclosure. \n\nCVE-2018-10981\n\n    Jan Beulich discovered that malformed device models could result\n    in denial of service. \n\nCVE-2018-10982\n\n    Roger Pau Monne discovered that incorrect handling of high precision\n    event timers could result in denial of service and potentially\n    privilege escalation. \n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 4.8.3+comet2+shim4.10.0+comet3-1+deb9u6. \n\nWe recommend that you upgrade your xen packages. \n\nFor the detailed security status of xen please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/xen\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlr7PHoACgkQEMKTtsN8\nTjbvyBAAqSJFsDcTo75hggE1faIttXR3UKOwJ4eSKbkf3G6/JnvotuO5z4bQXDBC\nXZfkL6kOTl579vmCGgCvBv/SrrPrJ1ibhrw+Dz1MIcjX4Yt9mb6NriWuMTObknca\nuw6qJakWZTB3tFcp3LlmN80B8lY/67XR8mQaZ4f0yHhGEfqIunEtSgLelmp5lLu2\nM/m1iH9zQon3muhQiXiHJeMg1ghJ3xvFKbuEU9prih4NNinxquv0pmAzfbPCCBN6\nE4cuEjArzdnwLydeWfCoLrFOZh5rvoMTmmK8gj2/KVlbC5YgJ5/xVlc89B4PaJKL\nm3oUV2dnLEpubC7uuXSOoejMnfbPcOGM4VYrmuIuxEfZZVNYE/NxvmNCZ+JDzQV7\nZ939vOgyqyuojFFt7lgvoCWM2Q3xDRMrE9akK1KyAGmvyRzoczblw8N6dzL8sain\ngs5LUE/5dCJWQWv4IPz/V/nl50Lh+tYjbdVuZaiXxKYiqiWuCY0Ea+8QIb2UWGrk\nrC2BUYaoYBEo0vQhzBIi91E2hyQ+2Y6+zP6zTVTEA8PDw2YnfdffzydQ3Z9l4OSN\nIoTOojXPpMdcCSVzBC5OkvzBuQ6qzkVh3vftxajYazuiSrPJl8KenLJ6jFlpCzA3\np+140rFiElDCUkHacCmfs4zWQ+/ZLcoAppIxvxDEZYWyRJp3qgU=\n=KAUD\n-----END PGP SIGNATURE-----\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 201810-06\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                           https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n    Title: Xen: Multiple vulnerabilities\n     Date: October 30, 2018\n     Bugs: #643350, #655188, #655544, #659442\n       ID: 201810-06\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Xen, the worst of which\ncould cause a Denial of Service condition. \n\nBackground\n==========\n\nXen is a bare-metal hypervisor. \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package              /     Vulnerable     /            Unaffected\n    -------------------------------------------------------------------\n  1  app-emulation/xen          \u003c 4.10.1-r2              \u003e= 4.10.1-r2\n  2  app-emulation/xen-tools    \u003c 4.10.1-r2              \u003e= 4.10.1-r2\n    -------------------------------------------------------------------\n     2 affected packages\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Xen. Please review the\nreferenced CVE identifiers for details. \n\nImpact\n======\n\nA local attacker could cause a Denial of Service condition or disclose\nsensitive information. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Xen users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=app-emulation/xen-4.10.1-r2\"\n\nAll Xen tools users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot -v \"\u003e=app-emulation/xen-tools-4.10.1-r2\"\n\nReferences\n==========\n\n[  1 ] CVE-2017-5715\n       https://nvd.nist.gov/vuln/detail/CVE-2017-5715\n[  2 ] CVE-2017-5753\n       https://nvd.nist.gov/vuln/detail/CVE-2017-5753\n[  3 ] CVE-2017-5754\n       https://nvd.nist.gov/vuln/detail/CVE-2017-5754\n[  4 ] CVE-2018-10471\n       https://nvd.nist.gov/vuln/detail/CVE-2018-10471\n[  5 ] CVE-2018-10472\n       https://nvd.nist.gov/vuln/detail/CVE-2018-10472\n[  6 ] CVE-2018-10981\n       https://nvd.nist.gov/vuln/detail/CVE-2018-10981\n[  7 ] CVE-2018-10982\n       https://nvd.nist.gov/vuln/detail/CVE-2018-10982\n[  8 ] CVE-2018-12891\n       https://nvd.nist.gov/vuln/detail/CVE-2018-12891\n[  9 ] CVE-2018-12892\n       https://nvd.nist.gov/vuln/detail/CVE-2018-12892\n[ 10 ] CVE-2018-12893\n       https://nvd.nist.gov/vuln/detail/CVE-2018-12893\n[ 11 ] CVE-2018-15468\n       https://nvd.nist.gov/vuln/detail/CVE-2018-15468\n[ 12 ] CVE-2018-15469\n       https://nvd.nist.gov/vuln/detail/CVE-2018-15469\n[ 13 ] CVE-2018-15470\n       https://nvd.nist.gov/vuln/detail/CVE-2018-15470\n[ 14 ] CVE-2018-3620\n       https://nvd.nist.gov/vuln/detail/CVE-2018-3620\n[ 15 ] CVE-2018-3646\n       https://nvd.nist.gov/vuln/detail/CVE-2018-3646\n[ 16 ] CVE-2018-5244\n       https://nvd.nist.gov/vuln/detail/CVE-2018-5244\n[ 17 ] CVE-2018-7540\n       https://nvd.nist.gov/vuln/detail/CVE-2018-7540\n[ 18 ] CVE-2018-7541\n       https://nvd.nist.gov/vuln/detail/CVE-2018-7541\n[ 19 ] CVE-2018-7542\n       https://nvd.nist.gov/vuln/detail/CVE-2018-7542\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201810-06\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2018 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-10472"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004610"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10143"
      },
      {
        "db": "BID",
        "id": "104002"
      },
      {
        "db": "PACKETSTORM",
        "id": "147651"
      },
      {
        "db": "PACKETSTORM",
        "id": "150083"
      }
    ],
    "trust": 2.61
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-10472",
        "trust": 3.5
      },
      {
        "db": "BID",
        "id": "104002",
        "trust": 1.9
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004610",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10143",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201804-1511",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "147651",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "150083",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-10143"
      },
      {
        "db": "BID",
        "id": "104002"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004610"
      },
      {
        "db": "PACKETSTORM",
        "id": "147651"
      },
      {
        "db": "PACKETSTORM",
        "id": "150083"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-10472"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201804-1511"
      }
    ]
  },
  "id": "VAR-201804-0701",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-10143"
      }
    ],
    "trust": 0.06
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-10143"
      }
    ]
  },
  "last_update_date": "2023-12-18T10:53:48.953000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "DSA-4201-1 xen -- security update",
        "trust": 0.8,
        "url": "https://www.debian.org/security/2018/dsa-4201"
      },
      {
        "title": "XSA-258",
        "trust": 0.8,
        "url": "https://xenbits.xen.org/xsa/advisory-258.html"
      },
      {
        "title": "Xen arbitrary file read vulnerability patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/130045"
      },
      {
        "title": "Xen Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=79749"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-10143"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004610"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201804-1511"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-200",
        "trust": 1.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004610"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-10472"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.6,
        "url": "http://www.securityfocus.com/bid/104002"
      },
      {
        "trust": 1.6,
        "url": "https://xenbits.xen.org/xsa/advisory-258.html"
      },
      {
        "trust": 1.1,
        "url": "https://security.gentoo.org/glsa/201810-06"
      },
      {
        "trust": 1.0,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-10472"
      },
      {
        "trust": 1.0,
        "url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00021.html"
      },
      {
        "trust": 1.0,
        "url": "https://www.debian.org/security/2018/dsa-4201"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-10472"
      },
      {
        "trust": 0.3,
        "url": "http://xen.xensource.com/"
      },
      {
        "trust": 0.3,
        "url": "http://xenbits.xenproject.org/xsa/advisory-258.txt"
      },
      {
        "trust": 0.3,
        "url": "http://xenbits.xenproject.org/xsa/advisory-258.html"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-10471"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-10982"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-10981"
      },
      {
        "trust": 0.1,
        "url": "https://security-tracker.debian.org/tracker/xen"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-8897"
      },
      {
        "trust": 0.1,
        "url": "https://www.debian.org/security/faq"
      },
      {
        "trust": 0.1,
        "url": "https://www.debian.org/security/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-5244"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-7542"
      },
      {
        "trust": 0.1,
        "url": "https://security.gentoo.org/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-12892"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-12891"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-5753"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-12893"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-15469"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-5754"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-3620"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-5715"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-15468"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-3646"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-15470"
      },
      {
        "trust": 0.1,
        "url": "https://creativecommons.org/licenses/by-sa/2.5"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-7541"
      },
      {
        "trust": 0.1,
        "url": "https://bugs.gentoo.org."
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-7540"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-10143"
      },
      {
        "db": "BID",
        "id": "104002"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004610"
      },
      {
        "db": "PACKETSTORM",
        "id": "147651"
      },
      {
        "db": "PACKETSTORM",
        "id": "150083"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-10472"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201804-1511"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-10143"
      },
      {
        "db": "BID",
        "id": "104002"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004610"
      },
      {
        "db": "PACKETSTORM",
        "id": "147651"
      },
      {
        "db": "PACKETSTORM",
        "id": "150083"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-10472"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201804-1511"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-05-23T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-10143"
      },
      {
        "date": "2018-04-25T00:00:00",
        "db": "BID",
        "id": "104002"
      },
      {
        "date": "2018-06-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-004610"
      },
      {
        "date": "2018-05-16T07:54:27",
        "db": "PACKETSTORM",
        "id": "147651"
      },
      {
        "date": "2018-10-31T01:14:40",
        "db": "PACKETSTORM",
        "id": "150083"
      },
      {
        "date": "2018-04-27T15:29:00.390000",
        "db": "NVD",
        "id": "CVE-2018-10472"
      },
      {
        "date": "2018-04-28T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201804-1511"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-05-23T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-10143"
      },
      {
        "date": "2018-05-17T06:00:00",
        "db": "BID",
        "id": "104002"
      },
      {
        "date": "2018-06-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-004610"
      },
      {
        "date": "2018-10-31T10:30:43.857000",
        "db": "NVD",
        "id": "CVE-2018-10472"
      },
      {
        "date": "2018-04-28T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201804-1511"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201804-1511"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Xen Vulnerable to information disclosure",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004610"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "information disclosure",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201804-1511"
      }
    ],
    "trust": 0.6
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2018-10472

Vulnerability from cvelistv5

gsd-2018-10472

Vulnerability from gsd

ghsa-pg2r-jv9g-9mg7

Vulnerability from github

var-201804-0701

Vulnerability from variot

Synopsis

Background

Affected packages

Description

Impact

Workaround

Resolution

References

Availability

Concerns?

License

Tags

Sightings

Nomenclature