Xen · Xen · CVE-2017-10917
**Name of the Vulnerable Software and Affected Versions**
Xen versions prior to 4.9
**Description**
The issue is related to insufficient validation of port numbers of polled event channel ports. This can be exploited by guest OS users to cause a denial of service, resulting in a NULL pointer dereference and host OS crash, or possibly obtain sensitive information.
**Recommendations**
For Xen versions prior to 4.9, update to version 4.9 or later to resolve the issue.
At the moment, there is no information about other versions that contain a fix for this issue.