libxl in Xen 4.1.x through 4.6.x does not properly handle the readonly flag on disks when using the qemu-xen device model, which allows local guest users to write to a read-only disk image. Rated low severity (CVSS 3.6), this vulnerability is low attack complexity. No vendor patch available.
Information Disclosure
Xen
NVD
CVSS 2.0
3.6
EPSS
0.1%