Low severity3.8NVD Advisory· Published May 3, 2017· Updated Jun 17, 2026
CVE-2017-7995
CVE-2017-7995
Description
Xen PV guest before Xen 4.3 checked access permissions to MMIO ranges only after accessing them, allowing host PCI device space memory reads, leading to information disclosure. This is an error in the get_user function. NOTE: the upstream Xen Project considers versions before 4.5.x to be EOL.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
11- cpe:2.3:a:suse:manager_proxy:2.1:*:*:*:*:*:*:*
- cpe:2.3:a:suse:openstack_cloud:5:*:*:*:*:*:*:*
- cpe:2.3:o:novell:suse_linux_enterprise_point_of_sale:11.0:sp3:*:*:*:*:*:*
- cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp3:*:*:ltss:*:*:*
- osv-coords5 versionspkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-LTSSpkg:rpm/suse/xen&distro=SUSE%20Manager%202.1pkg:rpm/suse/xen&distro=SUSE%20Manager%20Proxy%202.1pkg:rpm/suse/xen&distro=SUSE%20OpenStack%20Cloud%205
< 4.2.5_21-41.1+ 4 more
- (no CPE)range: < 4.2.5_21-41.1
- (no CPE)range: < 4.2.5_21-41.1
- (no CPE)range: < 4.2.5_21-41.1
- (no CPE)range: < 4.2.5_21-41.1
- (no CPE)range: < 4.2.5_21-41.1
Patches
Vulnerability mechanics
References
3- lists.opensuse.org/opensuse-security-announce/2017-05/msg00005.htmlnvdThird Party Advisory
- www.securityfocus.com/bid/98314nvdThird Party AdvisoryVDB Entry
- bugzilla.suse.com/show_bug.cginvdIssue TrackingThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.