Xen allows local OS guest users to cause a denial of service (crash) or possibly obtain sensitive information or gain privileges via vectors involving transitive grants.
www.debian.org/security/2017/dsa-3969
www.openwall.com/lists/oss-security/2017/08/15/1
www.openwall.com/lists/oss-security/2017/08/17/6
www.openwall.com/lists/oss-security/2020/04/14/4
www.securityfocus.com/bid/100344
www.securitytracker.com/id/1039178
xenbits.xen.org/xsa/advisory-226.html
bugzilla.redhat.com/show_bug.cgi?id=1477655
security.gentoo.org/glsa/201801-14
support.citrix.com/article/CTX225941