cpe:/o:xen:xen:4.9.1 CVE-2017-17045 2017-11-28T18:29:00.273-05:00 2019-10-02T20:03:26.223-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov BID 102013 BID 102129 SECTRACK 1039879 GENTOO GLSA-201801-14 MLIST [debian-lts-announce] 20180105 [SECURITY] [DLA 1230-1] xen security update MLIST [debian-lts-announce] 20181030 [SECURITY] [DLA 1559-1] xen security update CONFIRM https://support.citrix.com/article/CTX230138 CONFIRM https://xenbits.xen.org/xsa/advisory-247.html An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to gain privileges on the host OS, obtain sensitive information, or cause a denial of service (BUG and host OS crash) by leveraging the mishandling of Populate on Demand (PoD) Physical-to-Machine (P2M) errors.