High severity7.8NVD Advisory· Published Aug 24, 2017· Updated May 13, 2026

CVE-2017-12136

Description

Race condition in the grant table code in Xen 4.6.x through 4.9.x allows local guest OS administrators to cause a denial of service (free list corruption and host crash) or gain privileges on the host via vectors involving maptrack free list handling.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.openwall.com/lists/oss-security/2017/08/15/3nvdMailing ListPatchThird Party Advisory
xenbits.xen.org/xsa/advisory-228.htmlnvdPatchVendor Advisory
bugzilla.redhat.com/show_bug.cginvdIssue TrackingPatchThird Party Advisory
support.citrix.com/article/CTX225941nvdPatchThird Party Advisory
www.debian.org/security/2017/dsa-3969nvdThird Party Advisory
www.securityfocus.com/bid/100346nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/id/1039175nvdThird Party AdvisoryVDB Entry
security.gentoo.org/glsa/201801-14nvdThird Party Advisory

News mentions

No linked articles in our index yet.

cvss	0.507
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000