PT-2016-6810 · Xen+1 · Xen+1

Andrew Cooper

Publicado

2016-08-02

Atualizado

2024-06-15

CVE-2016-6259

CVSS v3.1

6.2

Média

Vetor

AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Xen versions 4.5.x through 4.7.x

Description The issue allows local 32-bit PV guest OS kernels to cause a denial of service, resulting in a hypervisor and VM crash, by triggering a safety check due to the lack of Supervisor Mode Access Prevention (SMAP) whitelisting in 32-bit exception and event delivery.

Recommendations For Xen versions 4.5.x through 4.7.x, consider disabling 32-bit PV guest OS kernels until a patch is available to implement SMAP whitelisting and prevent the denial of service.

Correção

DoS

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20

Identificadores relacionados

CVE-2016-6259

MGASA-2017-0012

OPENSUSE-SU-2016_2494-1

OPENSUSE-SU-2024:10196-1

SUSE-SU-2016:2093-1

SUSE-SU-2016:2473-1

Produtos afetados

Suse

Xen

PT-2016-6810 · Xen+1 · Xen+1

CVE-2016-6259

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 263