Brian Marcotte

**Name of the Vulnerable Software and Affected Versions** Xen versions 4.5.3, 4.6.3, and 4.7.x **Description** The issue allows local HVM guest OS administrators to overwrite hypervisor memory, which can lead to gaining host OS privileges. This is due to the mishandling of instruction pointer truncation during emulation. **Recommendations** For Xen versions 4.5.3, 4.6.3, and 4.7.x, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** NetBSD versions 2.0 before 20050316 NetBSD-current versions before 20050112 **Description** The issue allows local users to cause a denial of service, resulting in an infinite loop and system hang. This is achieved by calling the F CLOSEM fcntl with a `parameter value` of 0. **Recommendations** For NetBSD versions 2.0 before 20050316, update to a version after 20050316 to resolve the issue. For NetBSD-current versions before 20050112, update to a version after 20050112 to resolve the issue.