栾尚聪

**Name of the Vulnerable Software and Affected Versions** Xen versions 3.4 through 4.6.x **Description** The issue arises from the `mod l2 entry` function in `arch/x86/mm.c`, which fails to properly validate level 2 page table entries. This allows local PV guest administrators to gain privileges by creating a crafted superpage mapping. **Recommendations** For Xen versions 3.4 through 4.6.x, consider restricting access to the `mod l2 entry` function until a patch is available. As a temporary workaround, limit the creation of superpage mappings to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.