FreeBSD5555120D-BA4D-11E6-AE1B-002590263BF5xen-kernel -- guest 32-bit ELF symbol table load leaking host data
6.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.001 Low
EPSS
Percentile
24.6%
The Xen Project reports:
Along with their main kernel binary, unprivileged guests may
arrange to have their Xen environment load (kernel) symbol tables
for their use. The ELF image metadata created for this purpose has a
few unused bytes when the symbol table binary is in 32-bit ELF
format. These unused bytes were not properly cleared during symbol
table loading.
A malicious unprivileged guest may be able to obtain sensitive
information from the host.
The information leak is small and not under the control of the
guest, so effectively exploiting this vulnerability is probably
difficult.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| FreeBSD | any | noarch | xen-kernel | = 4.7 | UNKNOWN |
| FreeBSD | any | noarch | xen-kernel | < 4.7.1 | UNKNOWN |
References
Related
6.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.001 Low
EPSS
Percentile
24.6%