CVE-2017-17045

Name of the Vulnerable Software and Affected Versions Xen versions prior to 4.10

Description The issue is related to the mishandling of Populate on Demand (PoD) Physical-to-Machine (P2M) errors, allowing HVM guest OS users to gain privileges on the host OS, obtain sensitive information, or cause a denial of service. It is also described as a use-after-free vulnerability in the Xen hypervisor.

Recommendations For Xen versions prior to 4.10, update to version 4.10 or later to resolve the issue. As a temporary workaround, consider restricting access to the HVM guest OS to minimize the risk of exploitation.