CVE-2017-10916 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2017-10916 Interim 1 23 2025-11-05T03:56:02Z current 2021-05-30T13:58:26Z 2025-11-05T03:56:02Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2017-10916 The vCPU context-switch implementation in Xen through 4.8.x improperly interacts with the Memory Protection Extensions (MPX) and Protection Key (PKU) features, which makes it easier for guest OS users to defeat ASLR and other protection mechanisms, aka XSA-220. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.suse.com/pipermail/sle-security-updates/2017-July/003016.html E-Mail link for SUSE-SU-2017:1812-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Server 11 SP1 for Teradata SUSE Linux Enterprise Server 11 SP3 LTSS SUSE Linux Enterprise Server 11 SP3 for Teradata SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Server 11 SP4-LTSS SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP1 SUSE OpenStack Cloud 6 xen xen-4.5.5_12-22.18.1 xen-devel xen-doc-html xen-doc-html-4.5.5_12-22.18.1 xen-kmp-default xen-kmp-default-4.5.5_12_k3.12.74_60.64.45-22.18.1 xen-kmp-pae xen-libs xen-libs-32bit xen-libs-32bit-4.5.5_12-22.18.1 xen-libs-4.5.5_12-22.18.1 xen-tools xen-tools-4.5.5_12-22.18.1 xen-tools-domU xen-tools-domU-4.5.5_12-22.18.1 xen-4.5.5_12-22.18.1 as a component of SUSE Linux Enterprise Server 12 SP1-LTSS xen-doc-html-4.5.5_12-22.18.1 as a component of SUSE Linux Enterprise Server 12 SP1-LTSS xen-kmp-default-4.5.5_12_k3.12.74_60.64.45-22.18.1 as a component of SUSE Linux Enterprise Server 12 SP1-LTSS xen-libs-4.5.5_12-22.18.1 as a component of SUSE Linux Enterprise Server 12 SP1-LTSS xen-libs-32bit-4.5.5_12-22.18.1 as a component of SUSE Linux Enterprise Server 12 SP1-LTSS xen-tools-4.5.5_12-22.18.1 as a component of SUSE Linux Enterprise Server 12 SP1-LTSS xen-tools-domU-4.5.5_12-22.18.1 as a component of SUSE Linux Enterprise Server 12 SP1-LTSS xen-4.5.5_12-22.18.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP1 xen-doc-html-4.5.5_12-22.18.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP1 xen-kmp-default-4.5.5_12_k3.12.74_60.64.45-22.18.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP1 xen-libs-4.5.5_12-22.18.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP1 xen-libs-32bit-4.5.5_12-22.18.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP1 xen-tools-4.5.5_12-22.18.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP1 xen-tools-domU-4.5.5_12-22.18.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP1 xen-4.5.5_12-22.18.1 as a component of SUSE OpenStack Cloud 6 xen-doc-html-4.5.5_12-22.18.1 as a component of SUSE OpenStack Cloud 6 xen-kmp-default-4.5.5_12_k3.12.74_60.64.45-22.18.1 as a component of SUSE OpenStack Cloud 6 xen-libs-4.5.5_12-22.18.1 as a component of SUSE OpenStack Cloud 6 xen-libs-32bit-4.5.5_12-22.18.1 as a component of SUSE OpenStack Cloud 6 xen-tools-4.5.5_12-22.18.1 as a component of SUSE OpenStack Cloud 6 xen-tools-domU-4.5.5_12-22.18.1 as a component of SUSE OpenStack Cloud 6 xen as a component of SUSE Linux Enterprise Server 11 SP1 for Teradata xen as a component of SUSE Linux Enterprise Server 11 SP3 LTSS xen as a component of SUSE Linux Enterprise Server 11 SP3 for Teradata xen as a component of SUSE Linux Enterprise Server 11 SP4-LTSS xen-doc-html as a component of SUSE Linux Enterprise Server 11 SP4-LTSS xen-kmp-default as a component of SUSE Linux Enterprise Server 11 SP4-LTSS xen-kmp-pae as a component of SUSE Linux Enterprise Server 11 SP4-LTSS xen-libs as a component of SUSE Linux Enterprise Server 11 SP4-LTSS xen-libs-32bit as a component of SUSE Linux Enterprise Server 11 SP4-LTSS xen-tools as a component of SUSE Linux Enterprise Server 11 SP4-LTSS xen-tools-domU as a component of SUSE Linux Enterprise Server 11 SP4-LTSS xen as a component of SUSE Linux Enterprise Server 12 SP2-BCL xen-doc-html as a component of SUSE Linux Enterprise Server 12 SP2-BCL xen-libs as a component of SUSE Linux Enterprise Server 12 SP2-BCL xen-libs-32bit as a component of SUSE Linux Enterprise Server 12 SP2-BCL xen-tools as a component of SUSE Linux Enterprise Server 12 SP2-BCL xen-tools-domU as a component of SUSE Linux Enterprise Server 12 SP2-BCL xen as a component of SUSE Linux Enterprise Server 12-LTSS xen-doc-html as a component of SUSE Linux Enterprise Server 12-LTSS xen-kmp-default as a component of SUSE Linux Enterprise Server 12-LTSS xen-libs as a component of SUSE Linux Enterprise Server 12-LTSS xen-libs-32bit as a component of SUSE Linux Enterprise Server 12-LTSS xen-tools as a component of SUSE Linux Enterprise Server 12-LTSS xen-tools-domU as a component of SUSE Linux Enterprise Server 12-LTSS xen-devel as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 xen as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 The vCPU context-switch implementation in Xen through 4.8.x improperly interacts with the Memory Protection Extensions (MPX) and Protection Key (PKU) features, which makes it easier for guest OS users to defeat ASLR and other protection mechanisms, aka XSA-220. CVE-2017-10916 SUSE Linux Enterprise Server 12 SP1-LTSS:xen-4.5.5_12-22.18.1 SUSE Linux Enterprise Server 12 SP1-LTSS:xen-doc-html-4.5.5_12-22.18.1 SUSE Linux Enterprise Server 12 SP1-LTSS:xen-kmp-default-4.5.5_12_k3.12.74_60.64.45-22.18.1 SUSE Linux Enterprise Server 12 SP1-LTSS:xen-libs-4.5.5_12-22.18.1 SUSE Linux Enterprise Server 12 SP1-LTSS:xen-libs-32bit-4.5.5_12-22.18.1 SUSE Linux Enterprise Server 12 SP1-LTSS:xen-tools-4.5.5_12-22.18.1 SUSE Linux Enterprise Server 12 SP1-LTSS:xen-tools-domU-4.5.5_12-22.18.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-4.5.5_12-22.18.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-doc-html-4.5.5_12-22.18.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-kmp-default-4.5.5_12_k3.12.74_60.64.45-22.18.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-libs-4.5.5_12-22.18.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-libs-32bit-4.5.5_12-22.18.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-tools-4.5.5_12-22.18.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-tools-domU-4.5.5_12-22.18.1 SUSE OpenStack Cloud 6:xen-4.5.5_12-22.18.1 SUSE OpenStack Cloud 6:xen-doc-html-4.5.5_12-22.18.1 SUSE OpenStack Cloud 6:xen-kmp-default-4.5.5_12_k3.12.74_60.64.45-22.18.1 SUSE OpenStack Cloud 6:xen-libs-4.5.5_12-22.18.1 SUSE OpenStack Cloud 6:xen-libs-32bit-4.5.5_12-22.18.1 SUSE OpenStack Cloud 6:xen-tools-4.5.5_12-22.18.1 SUSE OpenStack Cloud 6:xen-tools-domU-4.5.5_12-22.18.1 SUSE Linux Enterprise Server 11 SP1 for Teradata:xen SUSE Linux Enterprise Server 11 SP3 LTSS:xen SUSE Linux Enterprise Server 11 SP3 for Teradata:xen SUSE Linux Enterprise Server 11 SP4-LTSS:xen SUSE Linux Enterprise Server 11 SP4-LTSS:xen-doc-html SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-pae SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-32bit SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU SUSE Linux Enterprise Server 12-LTSS:xen SUSE Linux Enterprise Server 12-LTSS:xen-doc-html SUSE Linux Enterprise Server 12-LTSS:xen-kmp-default SUSE Linux Enterprise Server 12-LTSS:xen-libs SUSE Linux Enterprise Server 12-LTSS:xen-libs-32bit SUSE Linux Enterprise Server 12-LTSS:xen-tools SUSE Linux Enterprise Server 12-LTSS:xen-tools-domU SUSE Linux Enterprise Software Development Kit 11 SP4:xen SUSE Linux Enterprise Software Development Kit 11 SP4:xen-devel moderate 3.3 AV:L/AC:M/Au:N/C:P/I:N/A:P 5.7 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:L