Xen Information Disclosure Vulnerability: CVE-2017-17046

by CIRT Team

Description: An issue was discovered in Xen through 4.9.x on the ARM platform allowing guest OS users to obtain sensitive information from DRAM after a reboot, because disjoint blocks, and physical addresses that do not start at zero, are mishandled.

Impact: Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks.

Mitigation: Updates are available. Please see the references or vendor advisory for more information.

Reference URL’s:

• http://xenbits.xenproject.org/xsa/advisory-245.html
• http://www.securityfocus.com/bid/101067/info
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17046

CIRT Team

Recommended Posts

Cyber Threat Alert: Surge in Attacks via Compromised Third-Party Service Providers

08 Feb 2024 - Articles, English articles, Security Advisories & Alerts

বাংলাদেশের আইটি কাঠামোয় তথ্য চুরির ম্যালওয়ারের বিস্তার সম্পর্কে সতর্কতা

18 Jan 2024 - Articles, Bangla Articles, News, Security Advisories & Alerts

সাইবার থ্রেট এলার্টঃ বাংলাদেশকে লক্ষ্য করে চলমান ফিশিং ক্যাম্পেইন

04 Jan 2024 - News, Security Advisories & Alerts