xen security advisories
7 threat alerts tracking vulnerabilities and security advisories that affect xen products.
Vulnios monitors xen CVE feeds, vendor advisories, CISA KEV listings, and exploit-prediction data continuously. Each alert below is enriched with severity, exploitation status, affected products, and a remediation path. Use this page to scan recent xen security news in one place, or click into an individual alert for full detail.
Critical Vulnerability: CVE-2017-10915 — xen — xen
The shadow-paging feature in Xen through 4.8.x mismanages page references and consequently introduces a race condition, which allows guest OS users to obtain Xen privileges, aka XSA-219.
criticalCVE-2017-10915Critical Vulnerability: CVE-2017-10912 — xen — xen
Xen through 4.8.x mishandles page transfer, which allows guest OS users to obtain privileged host OS access, aka XSA-217.
criticalCVE-2017-10912Critical Vulnerability: CVE-2017-10913 — xen — xen
The grant-table feature in Xen through 4.8.x provides false mapping information in certain cases of concurrent unmap calls, which allows backend attackers to obtain sensitive information or gain privi
criticalCVE-2017-10913Critical Vulnerability: CVE-2017-10920 — xen — xen
The grant-table feature in Xen through 4.8.x mishandles a GNTMAP_device_map and GNTMAP_host_map mapping, when followed by only a GNTMAP_host_map unmapping, which allows guest OS users to cause a denia
criticalCVE-2017-10920Critical Vulnerability: CVE-2017-10918 — xen — xen
Xen through 4.8.x does not validate memory allocations during certain P2M operations, which allows guest OS users to obtain privileged host OS access, aka XSA-222.
criticalCVE-2017-10918Critical Vulnerability: CVE-2017-10921 — xen — xen
The grant-table feature in Xen through 4.8.x does not ensure sufficient type counts for a GNTMAP_device_map and GNTMAP_host_map mapping, which allows guest OS users to cause a denial of service (count
criticalCVE-2017-10921Critical Vulnerability: CVE-2017-10917 — xen — xen
Xen through 4.8.x does not validate the port numbers of polled event channel ports, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) or possibly ob
criticalCVE-2017-10917
Track xen exposure across your environment
Vulnios automatically cross-references your asset inventory against new xen CVEs and surfaces only what affects you. No more sifting manually — actionable findings only.
Start a free scan