retired/CVE-2018-15471


1
2
3
4
5
6
7
8
9
10
11
12

Description: xen netback driver OOB access in hash handling
References:
 https://xenbits.xen.org/xsa/advisory-270.html
 https://bugs.chromium.org/p/project-zero/issues/detail?id=1607
Notes:
Bugs:
upstream: released (4.19-rc7) [780e83c259fc33e8959fed8dfdad17e378d72b62]
4.9-upstream-stable: released (4.9.133) [2962761863cb161d419c94f3dde7443af0e63c31]
3.16-upstream-stable: N/A "Vulnerable code introduced later"
sid: released (4.18.10-2) [bugfix/all/xen-netback-fix-input-validation-in-xenvif_set_hash_.patch]
4.9-stretch-security: released (4.9.110-3+deb9u6) [bugfix/all/xen-netback-fix-input-validation-in-xenvif_set_hash_.patch]
3.16-jessie-security: N/A "Vulnerable code not present"