Xen · Xen · CVE-2016-7154
**Name of the Vulnerable Software and Affected Versions**
Xen versions 4.4.x
**Description**
The issue is related to a use-after-free vulnerability in the FIFO event channel code. This vulnerability allows local guest OS administrators to cause a denial of service, potentially leading to a host crash. It may also be possible for attackers to execute arbitrary code or obtain sensitive information by utilizing an invalid guest frame number.
**Recommendations**
For Xen versions 4.4.x, at the moment, there is no information about a newer version that contains a fix for this vulnerability.