{"id":"UBUNTU-CVE-2019-17343","details":"An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges by leveraging incorrect use of the HVM physmap concept for PV domains.","modified":"2025-10-24T04:47:55Z","published":"2019-10-08T01:15:00Z","upstream":["CVE-2019-17343"],"references":[{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2019-17343"},{"type":"REPORT","url":"https://xenbits.xen.org/xsa/advisory-288.html"},{"type":"REPORT","url":"https://www.cve.org/CVERecord?id=CVE-2019-17343"}],"affected":[{"package":{"name":"xen","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/xen@4.6.5-0ubuntu1.4?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["4.5.1-0ubuntu1","4.5.1-0ubuntu2","4.6.0-1ubuntu1","4.6.0-1ubuntu2","4.6.0-1ubuntu4","4.6.0-1ubuntu4.1","4.6.0-1ubuntu4.2","4.6.0-1ubuntu4.3","4.6.5-0ubuntu1","4.6.5-0ubuntu1.1","4.6.5-0ubuntu1.2","4.6.5-0ubuntu1.4"],"ecosystem_specific":{"binaries":[{"binary_version":"4.6.5-0ubuntu1.4","binary_name":"libxen-4.6"},{"binary_version":"4.6.5-0ubuntu1.4","binary_name":"libxen-dev"},{"binary_version":"4.6.5-0ubuntu1.4","binary_name":"libxenstore3.0"},{"binary_version":"4.6.5-0ubuntu1.4","binary_name":"xen-hypervisor-4.4-amd64"},{"binary_version":"4.6.5-0ubuntu1.4","binary_name":"xen-hypervisor-4.4-arm64"},{"binary_version":"4.6.5-0ubuntu1.4","binary_name":"xen-hypervisor-4.4-armhf"},{"binary_version":"4.6.5-0ubuntu1.4","binary_name":"xen-hypervisor-4.5-amd64"},{"binary_version":"4.6.5-0ubuntu1.4","binary_name":"xen-hypervisor-4.5-arm64"},{"binary_version":"4.6.5-0ubuntu1.4","binary_name":"xen-hypervisor-4.5-armhf"},{"binary_version":"4.6.5-0ubuntu1.4","binary_name":"xen-hypervisor-4.6-amd64"},{"binary_version":"4.6.5-0ubuntu1.4","binary_name":"xen-hypervisor-4.6-arm64"},{"binary_version":"4.6.5-0ubuntu1.4","binary_name":"xen-hypervisor-4.6-armhf"},{"binary_version":"4.6.5-0ubuntu1.4","binary_name":"xen-system-amd64"},{"binary_version":"4.6.5-0ubuntu1.4","binary_name":"xen-system-arm64"},{"binary_version":"4.6.5-0ubuntu1.4","binary_name":"xen-system-armhf"},{"binary_version":"4.6.5-0ubuntu1.4","binary_name":"xen-utils-4.6"},{"binary_version":"4.6.5-0ubuntu1.4","binary_name":"xen-utils-common"},{"binary_version":"4.6.5-0ubuntu1.4","binary_name":"xenstore-utils"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2019/UBUNTU-CVE-2019-17343.json"}},{"package":{"name":"xen","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/xen@4.9.2-0ubuntu1?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["4.9.0-0ubuntu3","4.9.0-0ubuntu4","4.9.2-0ubuntu1"],"ecosystem_specific":{"binaries":[{"binary_version":"4.9.2-0ubuntu1","binary_name":"libxen-4.9"},{"binary_version":"4.9.2-0ubuntu1","binary_name":"libxen-dev"},{"binary_version":"4.9.2-0ubuntu1","binary_name":"libxenstore3.0"},{"binary_version":"4.9.2-0ubuntu1","binary_name":"xen-hypervisor-4.6-amd64"},{"binary_version":"4.9.2-0ubuntu1","binary_name":"xen-hypervisor-4.6-arm64"},{"binary_version":"4.9.2-0ubuntu1","binary_name":"xen-hypervisor-4.6-armhf"},{"binary_version":"4.9.2-0ubuntu1","binary_name":"xen-hypervisor-4.7-amd64"},{"binary_version":"4.9.2-0ubuntu1","binary_name":"xen-hypervisor-4.7-arm64"},{"binary_version":"4.9.2-0ubuntu1","binary_name":"xen-hypervisor-4.7-armhf"},{"binary_version":"4.9.2-0ubuntu1","binary_name":"xen-hypervisor-4.8-amd64"},{"binary_version":"4.9.2-0ubuntu1","binary_name":"xen-hypervisor-4.8-arm64"},{"binary_version":"4.9.2-0ubuntu1","binary_name":"xen-hypervisor-4.8-armhf"},{"binary_version":"4.9.2-0ubuntu1","binary_name":"xen-hypervisor-4.9-amd64"},{"binary_version":"4.9.2-0ubuntu1","binary_name":"xen-hypervisor-4.9-arm64"},{"binary_version":"4.9.2-0ubuntu1","binary_name":"xen-hypervisor-4.9-armhf"},{"binary_version":"4.9.2-0ubuntu1","binary_name":"xen-system-amd64"},{"binary_version":"4.9.2-0ubuntu1","binary_name":"xen-system-arm64"},{"binary_version":"4.9.2-0ubuntu1","binary_name":"xen-system-armhf"},{"binary_version":"4.9.2-0ubuntu1","binary_name":"xen-utils-4.9"},{"binary_version":"4.9.2-0ubuntu1","binary_name":"xen-utils-common"},{"binary_version":"4.9.2-0ubuntu1","binary_name":"xenstore-utils"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2019/UBUNTU-CVE-2019-17343.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]}