High severity8.8NVD Advisory· Published Sep 12, 2017· Updated May 13, 2026

CVE-2017-14319

Description

A grant unmapping issue was discovered in Xen through 4.9.x. When removing or replacing a grant mapping, the x86 PV specific path needs to make sure page table entries remain in sync with other accounting done. Although the identity of the page frame was validated correctly, neither the presence of the mapping nor page writability were taken into account.

Affected products

Xen/Xen
cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*
Range: <=4.9.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

xenbits.xen.org/xsa/advisory-234.htmlnvdPatchVendor Advisory
www.securityfocus.com/bid/100819nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/id/1039351nvdThird Party AdvisoryVDB Entry
lists.debian.org/debian-lts-announce/2018/10/msg00009.htmlnvd
support.citrix.com/article/CTX227185nvd
www.debian.org/security/2017/dsa-4050nvd

News mentions

No linked articles in our index yet.

cvss	0.572
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000