Critical severity9.1NVD Advisory· Published Oct 30, 2017· Updated May 13, 2026

CVE-2017-15597

Description

An issue was discovered in Xen through 4.9.x. Grant copying code made an implication that any grant pin would be accompanied by a suitable page reference. Other portions of code, however, did not match up with that assumption. When such a grant copy operation is being done on a grant of a dying domain, the assumption turns out wrong. A malicious guest administrator can cause hypervisor memory corruption, most likely resulting in host crash and a Denial of Service. Privilege escalation and information leaks cannot be ruled out.

Affected products

Xen/Xen
cpe:2.3:o:xen:xen:*:rc7:*:*:*:*:*:*
Range: <=4.9.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

xenbits.xen.org/xsa/advisory-236.htmlnvdIssue TrackingPatchVendor Advisory
www.openwall.com/lists/oss-security/2017/10/24/3nvdIssue TrackingMailing ListMitigationThird Party Advisory
www.securityfocus.com/bid/101564nvdIssue TrackingThird Party AdvisoryVDB Entry
www.securitytracker.com/id/1039653nvdIssue TrackingThird Party AdvisoryVDB Entry
support.citrix.com/article/CTX229057nvdIssue TrackingThird Party Advisory
lists.debian.org/debian-lts-announce/2018/10/msg00009.htmlnvd
www.debian.org/security/2017/dsa-4050nvd

News mentions

No linked articles in our index yet.

cvss	0.591
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000