[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-SUSE-SU-2017:1715-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T14:53:31.930Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":20,"duplicates":21,"related":22,"reserved_at":9,"published_at":26,"modified_at":27,"state":9,"summary":28,"references_raw":30,"kevs":87,"epss":9,"epss_history":88,"metrics":89,"affected":90},"SUSE-SU-2017:1715-1","Security update for xen\n\nThis update for xen fixes the following security issues:\n\n- blkif responses leaked backend stack data, which allowed unprivileged guest to obtain sensitive information from the host or other guests (XSA-216, bsc#1042863)\n- Page transfer might have allowed PV guest to elevate privilege (XSA-217, bsc#1042882)\n- Races in the grant table unmap code allowed for informations leaks and potentially privilege escalation (XSA-218, bsc#1042893)\n- Insufficient reference counts during shadow emulation allowed a malicious pair of guest to elevate their privileges to the privileges that XEN runs under (XSA-219, bsc#1042915)\n- Stale P2M mappings due to insufficient error checking allowed malicious guest to leak information or elevate privileges (XSA-222, bsc#1042931)\n- Grant table operations mishandled reference counts allowing malicious guests to escape (XSA-224, bsc#1042938)\n- CVE-2017-9330: USB OHCI Emulation in qemu allowed local guest OS users to cause a denial of service (infinite loop) by leveraging an incorrect return value (bsc#1042160)\n- CVE-2017-8309: Memory leak in the audio/audio.c allowed remote attackers to cause a denial of service (memory consumption) by repeatedly starting and stopping audio capture (bsc#1037243)\n- CVE-2017-8905: Xen a failsafe callback, which might have allowed PV guest OS users to execute arbitrary code on the host OS (XSA-215, bsc#1034845).\n",null,[],[],[],[14,16,18],{"_key":15},"CVE-2017-8309",{"_key":17},"CVE-2017-8905",{"_key":19},"CVE-2017-9330",[],[],[23,24,25],{"_key":15},{"_key":17},{"_key":19},"2017-06-29T09:13:38Z","2026-02-04T02:59:24.579523Z",{"cisa_kev":29,"cisa_ransomware":29,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[31,37,42,46,50,54,58,62,66,70,74,79,83],{"url":32,"sources":33,"tags":35},"https://www.suse.com/support/update/announcement/2017/suse-su-20171715-1/",[34],"osv_suse",[36],"Advisory",{"url":38,"sources":39,"tags":40},"https://bugzilla.suse.com/1034845",[34],[41],"REPORT",{"url":43,"sources":44,"tags":45},"https://bugzilla.suse.com/1037243",[34],[41],{"url":47,"sources":48,"tags":49},"https://bugzilla.suse.com/1042160",[34],[41],{"url":51,"sources":52,"tags":53},"https://bugzilla.suse.com/1042863",[34],[41],{"url":55,"sources":56,"tags":57},"https://bugzilla.suse.com/1042882",[34],[41],{"url":59,"sources":60,"tags":61},"https://bugzilla.suse.com/1042893",[34],[41],{"url":63,"sources":64,"tags":65},"https://bugzilla.suse.com/1042915",[34],[41],{"url":67,"sources":68,"tags":69},"https://bugzilla.suse.com/1042931",[34],[41],{"url":71,"sources":72,"tags":73},"https://bugzilla.suse.com/1042938",[34],[41],{"url":75,"sources":76,"tags":77},"https://www.suse.com/security/cve/CVE-2017-8309",[34],[78],"WEB",{"url":80,"sources":81,"tags":82},"https://www.suse.com/security/cve/CVE-2017-8905",[34],[78],{"url":84,"sources":85,"tags":86},"https://www.suse.com/security/cve/CVE-2017-9330",[34],[78],[],[],[],[91,104],{"ecosystem":92,"name":93,"vendor":94,"product":95,"cpe_part":9,"purl_type":96,"purl_namespace":94,"purl_name":95,"source":9,"versions":97},"SUSE Linux Enterprise","xen","suse","xen&distro=SUSE Linux Enterprise Point of Sale 11 SP3","rpm",[98],{"version":99,"is_range":100,"range_type":101,"version_start":9,"version_start_type":9,"version_end":102,"version_end_type":103,"fixed_in":9},"lt4_2_5_21_44_1",true,"ecosystem","4.2.5_21-44.1","excluding",{"ecosystem":92,"name":93,"vendor":94,"product":105,"cpe_part":9,"purl_type":96,"purl_namespace":94,"purl_name":105,"source":9,"versions":106},"xen&distro=SUSE Linux Enterprise Server 11 SP3-LTSS",[107],{"version":99,"is_range":100,"range_type":101,"version_start":9,"version_start_type":9,"version_end":102,"version_end_type":103,"fixed_in":9}]