Lucene search
Redhat.comRH:CVE-2017-8904HistoryMay 12, 2017 - 7:19 a.m.
CVE-2017-8904
2017-05-1207:19:34
redhat.com
access.redhat.com
12
0.001 Low
EPSS
Percentile
32.1%
Xen through 4.8.x mishandles the “contains segment descriptors” property during GNTTABOP_transfer (aka guest transfer) operations, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-214.
Related
nvd
nvd
CVE-2017-8904
2017-05-11 19:29:00
xen
xen
grant transfer allows PV guest to elevate privileges
2017-05-02 11:18:00
osv
osv
CVE-2017-8904
2017-05-11 19:29:00
xen - security update
2017-05-30 00:00:00
xen - security update
2017-05-09 00:00:00
debiancve
debiancve
CVE-2017-8904
2017-05-11 19:29:00
ubuntucve
ubuntucve
CVE-2017-8904
2017-05-11 00:00:00
prion
prion
Cross site request forgery (csrf)
2017-05-11 19:29:00
cve
cve
CVE-2017-8904
2017-05-11 19:29:00
nessus
nessus
RHEL 5 : xsa214_xen (Unpatched Vulnerability)
2024-05-11 00:00:00
Fedora 26 : xen (2017-77ca39d254)
2017-07-17 00:00:00
Fedora 25 : xen (2017-5ae70ac6a5)
2017-05-16 00:00:00
cvelist
cvelist
CVE-2017-8904
2017-05-11 19:00:00
openvas
openvas
Fedora Update for xen FEDORA-2017-c9d71f0860
2017-05-15 00:00:00
Citrix XenServer Multiple Security Updates (CTX223291)
2017-06-28 00:00:00
Debian: Security Advisory (DLA-964-1)
2018-01-28 00:00:00
gentoo
gentoo
Xen: Multiple vulnerabilities
2017-05-26 00:00:00
citrix
citrix
Citrix XenServer Multiple Security Updates
2017-05-02 04:00:00
fedora
fedora
[SECURITY] Fedora 24 Update: xen-4.6.5-6.fc24
2017-05-15 04:28:44
debian
debian
[SECURITY] [DLA 964-1] xen security update
2017-06-01 08:54:26