CVE-2017-14431 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2017-14431 Interim 1 16 2025-11-05T03:49:32Z current 2021-05-30T14:02:06Z 2025-11-05T03:49:32Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2017-14431 Memory leak in Xen 3.3 through 4.8.x allows guest OS users to cause a denial of service (ARM or x86 AMD host OS memory consumption) by continually rebooting, because certain cleanup is skipped if no pass-through device was ever assigned, aka XSA-207. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Server 11 SP4 LTSS SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server for SAP Applications 12 SP3 xen xen-doc-html xen-libs xen-libs-32bit xen-tools xen-tools-domU xen as a component of SUSE Linux Enterprise Server 11 SP4 LTSS xen as a component of SUSE Linux Enterprise Server 12 SP2-BCL xen-doc-html as a component of SUSE Linux Enterprise Server 12 SP2-BCL xen-libs as a component of SUSE Linux Enterprise Server 12 SP2-BCL xen-libs-32bit as a component of SUSE Linux Enterprise Server 12 SP2-BCL xen-tools as a component of SUSE Linux Enterprise Server 12 SP2-BCL xen-tools-domU as a component of SUSE Linux Enterprise Server 12 SP2-BCL xen as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 xen-doc-html as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 xen-libs as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 xen-libs-32bit as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 xen-tools as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 xen-tools-domU as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 Memory leak in Xen 3.3 through 4.8.x allows guest OS users to cause a denial of service (ARM or x86 AMD host OS memory consumption) by continually rebooting, because certain cleanup is skipped if no pass-through device was ever assigned, aka XSA-207. CVE-2017-14431 SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU low 1.7 AV:L/AC:L/Au:S/C:N/I:N/A:P 3.8 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L