Xen Event Channel Port Validation Vulnerability (XSA-221)
CVE-2017-10917 · HIGH Severity
AV:N/AC:L/AU:N/C:C/I:N/A:C
Xen through 4.8.x does not validate the port numbers of polled event channel ports, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) or possibly obtain sensitive information, aka XSA-221.
Learn more about our User Device Pen Test.