Candidate: CVE-2017-15591
PublicDate: 2017-10-18 08:29:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15591
 https://xenbits.xen.org/xsa/advisory-238.html
Description:
 An issue was discovered in Xen 4.5.x through 4.9.x allowing attackers (who
 control a stub domain kernel or tool stack) to cause a denial of service
 (host OS crash) because of a missing comparison (of range start to range
 end) within the DMOP map/unmap implementation.
Ubuntu-Description:
Notes:
 mdeslaur> hypervisor packages are in universe. For
 mdeslaur> issues in the hypervisor, add appropriate
 mdeslaur> tags to each section, ex:
 mdeslaur> Tags_xen: universe-binary
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H [6.5 MEDIUM]

Patches_xen:
-- Tags_xen: universe-binary
upstream_xen: released (4.9.1)
precise/esm_xen: DNE
trusty_xen: ignored (reached end-of-life)
trusty/esm_xen: DNE (trusty was needs-triage)
xenial_xen: released (4.6.4-0ubuntu1.4)
esm-infra/xenial_xen: released (4.6.4-0ubuntu1.4)
zesty_xen: ignored (reached end-of-life)
artful_xen: ignored (reached end-of-life)
bionic_xen: released (4.9.2-0ubuntu1)
cosmic_xen: not-affected (4.9.2-0ubuntu1)
disco_xen: not-affected (4.9.2-0ubuntu1)
devel_xen: not-affected (4.9.2-0ubuntu1)