Xen Event Channel Port Validation Vulnerability (XSA-221)

Xen Event Channel Port Validation Vulnerability (XSA-221)

CVE-2017-10917 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:N/A:C

Xen through 4.8.x does not validate the port numbers of polled event channel ports, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) or possibly obtain sensitive information, aka XSA-221.

Learn more about our User Device Pen Test.