← back
CVE-2017-10917

CVE-2017-10917

EPSS 2.6%
Xen through 4.8.x does not validate the port numbers of polled event channel ports, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) or possibly obtain sensitive information, aka XSA-221.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://security.gentoo.org/glsa/201708-03https://xenbits.xen.org/xsa/advisory-221.htmlhttp://www.debian.org/security/2017/dsa-3969http://www.securityfocus.com/bid/99157http://www.securitytracker.com/id/1038731