← Retour aux CVEs
CVE-2017-7995
N/ADescription
Xen PV guest before Xen 4.3 checked access permissions to MMIO ranges only after accessing them, allowing host PCI device space memory reads, leading to information disclosure. This is an error in the get_user function. NOTE: the upstream Xen Project considers versions before 4.5.x to be EOL.
Details CVE
Score CVSS v3.1N/A
Publie5/3/2017
Derniere modification4/20/2025
Sourcenvd
Observations honeypot0
Produits affectes
novell:suse_linux_enterprise_point_of_salenovell:suse_linux_enterprise_serversuse:managersuse:manager_proxysuse:openstack_cloudxen:xen
Faiblesses (CWE)
CWE-200
References
http://www.securityfocus.com/bid/98314(cve@mitre.org)
https://bugzilla.suse.com/show_bug.cgi?id=1033948(cve@mitre.org)
http://lists.opensuse.org/opensuse-security-announce/2017-05/msg00005.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/98314(af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.suse.com/show_bug.cgi?id=1033948(af854a3a-2127-422b-91ae-364da2661108)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.