{"id":"CVE-2019-17351","details":"An issue was discovered in drivers/xen/balloon.c in the Linux kernel before 5.2.3, as used in Xen through 4.12.x, allowing guest OS users to cause a denial of service because of unrestricted resource consumption during the mapping of guest memory, aka CID-6ef36ab967c7.","modified":"2026-03-15T22:27:23.513308Z","published":"2019-10-08T00:15:10.617Z","references":[{"type":"WEB","url":"https://usn.ubuntu.com/4286-1/"},{"type":"WEB","url":"https://usn.ubuntu.com/4286-2/"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2019/10/25/9"},{"type":"ADVISORY","url":"https://xenbits.xen.org/xsa/advisory-300.html"},{"type":"ADVISORY","url":"http://xenbits.xen.org/xsa/advisory-300.html"},{"type":"ADVISORY","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.3"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20191031-0005/"},{"type":"FIX","url":"https://github.com/torvalds/linux/commit/6ef36ab967c71690ebe7e5ef997a8be4da3bc844"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"4.12.1"}]},{"events":[{"introduced":"0"},{"fixed":"5.2.3"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-17351.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"}]}