First published: Wed Aug 02 2017(Updated: )
Xen allows local OS guest users to cause a denial of service (crash) or possibly obtain sensitive information or gain privileges via vectors involving transitive grants.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Xen Xen | ||
Citrix XenServer | =6.0.2 | |
Citrix XenServer | =6.2.0 | |
Citrix XenServer | =6.5 | |
Citrix XenServer | =7.0 | |
Citrix XenServer | =7.1 | |
Citrix XenServer | =7.2 | |
Debian Debian Linux | =8.0 | |
Debian Debian Linux | =9.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2017-12135 is rated high with a score of 8.8.
To fix CVE-2017-12135, apply the latest security patches or upgrades provided by the software vendor.
CVE-2017-12135 affects various versions of Xen, Citrix XenServer, and Debian Linux.
CVE-2017-12135 primarily requires local OS guest access, making remote exploitation unlikely.
The potential impacts of CVE-2017-12135 include denial of service and possible unauthorized privilege escalation.