CVE-2017-17564

Published Dec 12, 2017

Last updated 6 years ago

Overview

Description
An issue was discovered in Xen through 4.9.x allowing guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging incorrect error handling for reference counting in shadow mode.
Source
cve@mitre.org
NVD status
Modified

Risk scores

CVSS 3.0

Type
Primary
Base score
7.8
Impact score
6
Exploitability score
1.1
Vector string
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Severity
HIGH

CVSS 2.0

Type
Primary
Base score
6.9
Impact score
10
Exploitability score
3.4
Vector string
AV:L/AC:M/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov
CWE-388

Social media

Hype score
Not currently trending

Configurations