Vulnerability Found in Xen Products

A security vulnerability has been identified in Xen products, posing risks such as denial of service, data confidentiality breaches, and privilege escalation for affected systems.

The vulnerability affects the following Xen versions without the corresponding security patch:

  • Xen versions Unstable
  • Xen versions 4.17.x
  • Xen versions 4.16.x
  • Xen versions 3.2.x to 4.15.x

The security patch for this vulnerability is identified as xsa438.patch.

This discovery was reported in Xen advisory-438, dated September 19, 2023. Detailed information and the patch can be found in the advisory: Xen advisory-438.

The Common Vulnerabilities and Exposures (CVE) identifier for this vulnerability is CVE-2023-34322. You can find more information about it here: CVE-2023-34322.

Users and administrators are strongly advised to refer to the security bulletin from the software publisher to obtain the necessary patches and take appropriate action to secure their systems.