Launchpad.net

CVE 2017-10918

Xen through 4.8.x does not validate memory allocations during certain P2M operations, which allows guest OS users to obtain privileged host OS access, aka XSA-222.

See the CVE page on Mitre.org for more details.