Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2017-8905

UNKNOWN
Published 2017-05-11T19:00:00
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2017-8905. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

Xen through 4.6.x on 64-bit platforms mishandles a failsafe callback, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-215.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed HIGH

GHSA-fff9-ccrg-mjcr

Advisory Details

Xen through 4.6.x on 64-bit platforms mishandles a failsafe callback, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-215.

CVSS Scoring

CVSS Score

7.5

CVSS Vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2017-8905
WEB https://blog.xenproject.org/2017/05/02/updates-on-xsa-213-xsa-214-and-xsa-215
WEB https://security.gentoo.org/glsa/201705-11
WEB https://xenbits.xen.org/xsa/advisory-215.html
WEB http://www.securityfocus.com/bid/98436
WEB http://www.securitytracker.com/id/1038388

Advisory provided by GitHub Security Advisory Database. Published: May 13, 2022, Modified: April 20, 2025

References

https://security.gentoo.org/glsa/201705-11
http://www.securitytracker.com/id/1038388
https://xenbits.xen.org/xsa/advisory-215.html
http://www.securityfocus.com/bid/98436
https://blog.xenproject.org/2017/05/02/updates-on-xsa-213-xsa-214-and-xsa-215/
Published: 2017-05-11T19:00:00
Last Modified: 2024-08-05T16:48:22.839Z
Copied to clipboard!