XEN : Security Vulnerabilities, CVEs, (Bypass) CVSS score >= 8
The PV pagetable code in arch/x86/mm.c in Xen 4.7.x and earlier allows local 32-bit PV guest OS administrators to gain host OS privileges by leveraging fast-paths for updating pagetable entries.
Max CVSS
8.8
EPSS Score
0.06%
Published
2016-08-02
Updated
2017-07-01
Xen, when used on a system providing PV backends, allows local guest OS administrators to cause a denial of service (host OS crash) or gain privileges by writing to memory shared between the frontend and backend, aka a double fetch vulnerability.
Max CVSS
8.2
EPSS Score
0.07%
Published
2016-04-14
Updated
2017-11-04
2 vulnerabilities found