CVE-2017-14316
Severity CVSS v4.0:
Pending analysis
Type:
CWE-125
Out-of-bounds Read
Publication date:
12/09/2017
Last modified:
20/04/2025
Description
A parameter verification issue was discovered in Xen through 4.9.x. The function `alloc_heap_pages` allows callers to specify the first NUMA node that should be used for allocations through the `memflags` parameter; the node is extracted using the `MEMF_get_node` macro. While the function checks to see if the special constant `NUMA_NO_NODE` is specified, it otherwise does not handle the case where `node >= MAX_NUMNODES`. This allows an out-of-bounds access to an internal array.
Impact
Base Score 3.x
8.80
Severity 3.x
HIGH
Base Score 2.0
7.20
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:* | 4.9.0 (including) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://www.securityfocus.com/bid/100818
- http://www.securitytracker.com/id/1039348
- http://xenbits.xen.org/xsa/advisory-231.html
- https://lists.debian.org/debian-lts-announce/2018/10/msg00009.html
- https://support.citrix.com/article/CTX227185
- https://www.debian.org/security/2017/dsa-4050
- http://www.securityfocus.com/bid/100818
- http://www.securitytracker.com/id/1039348
- http://xenbits.xen.org/xsa/advisory-231.html
- https://lists.debian.org/debian-lts-announce/2018/10/msg00009.html
- https://support.citrix.com/article/CTX227185
- https://www.debian.org/security/2017/dsa-4050