8.8
CVSSv3

CVE-2017-12135

CVSSv4: NA | CVSSv3: 8.8 | CVSSv2: 4.6 | VMScore: 980 | EPSS: 0.00062 | KEV: Not Included
Published: 24/08/2017 Updated: 21/11/2024

Vulnerability Summary

Xen allows local OS guest users to cause a denial of service (crash) or possibly obtain sensitive information or gain privileges via vectors involving transitive grants.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

xen xen

citrix xenserver 6.0.2

citrix xenserver 6.2.0

citrix xenserver 6.5

citrix xenserver 7.0

citrix xenserver 7.1

citrix xenserver 7.2

debian debian linux 8.0

debian debian linux 9.0

Vendor Advisories

Xen allows local OS guest users to cause a denial of service (crash) or possibly obtain sensitive information or gain privileges via vectors involving transitive grants ...
Description of Problem A number of security vulnerabilities have been identified in Citrix XenServer that may allow a malicious administrator of a guest VM to compromise the host These vulnerabilities affect all currently supported versions of Citrix XenServer up to and including Citrix XenServer 72 The following vulnerabilities have been addres ...

Mailing Lists

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Xen Security Advisory CVE-2020-11742 / XSA-318 version 3 Bad continuation handling in GNTTABOP_copy UPDATES IN VERSION 3 ==================== Public release ISSUE DESCRIPTION ================= Grant table operations are expected to return ...