| Max CVSS | 7.2 | Min CVSS | 6.8 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2017-8905 | 6.8 |
Xen through 4.6.x on 64-bit platforms mishandles a failsafe callback, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-215.
|
03-10-2019 - 00:03 | 11-05-2017 - 19:29 | |
| CVE-2017-8903 | 7.2 |
Xen through 4.8.x on 64-bit platforms mishandles page tables after an IRET hypercall, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-213.
|
03-10-2019 - 00:03 | 11-05-2017 - 19:29 | |
| CVE-2017-8904 | 6.8 |
Xen through 4.8.x mishandles the "contains segment descriptors" property during GNTTABOP_transfer (aka guest transfer) operations, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-214.
|
03-10-2019 - 00:03 | 11-05-2017 - 19:29 |