CVE-2017-14317CVE-2017-14317

Affected configuration(s):

cpe:/o:xen:xen:4.9.0

Date published: 2017-09-12T11:29:00.270-04:00

Date last modified: 2017-11-29T21:29:03.353-05:00

CVSS Score: 4.7

Principal attack vector: LOCAL

Complexity:  MEDIUM

Reference URL: http://www.securityfocus.com/bid/100826

Summary: A domain cleanup issue was discovered in the C xenstore daemon (aka cxenstored) in Xen through 4.9.x. When shutting down a VM with a stubdomain, a race in cxenstored may cause a double-free. The xenstored daemon may crash, resulting in a DoS of any parts of the system relying on it (including domain creation / destruction, ballooning, device changes, etc.).

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.