Published: 18/05/2016 Updated: 01/12/2016

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

CVSS v3 Base Score: 8.4 | Impact Score: 5.9 | Exploitability Score: 2.5

VMScore: 641

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

The guest_walk_tables function in arch/x86/mm/guest_walk.c in Xen 4.6.x and previous versions does not properly handle the Page Size (PS) page table entry bit at the L4 and L3 page table levels, which might allow local guest OS users to gain privileges via a crafted mapping of memory.

Vulnerable Product	Search on Vulmon	Subscribe to Product
oracle vm server 3.4
oracle vm server 3.2
oracle vm server 3.3
xen xen

Multiple vulnerabilities have been discovered in the Xen hypervisor The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2015-8338 Julien Grall discovered that Xen on ARM was susceptible to denial of service via long running memory operations CVE-2016-4480 Jan Beulich discovered that incorrect page ...

CWE-264 http://xenbits.xen.org/xsa/advisory-176.html http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html http://www.debian.org/security/2016/dsa-3633 http://www.securityfocus.com/bid/90710 http://www.securitytracker.com/id/1035901 https://nvd.nist.gov https://www.debian.org/security/./dsa-3633

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2016-4480

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect