Published: 07/06/2016 Updated: 07/09/2018

CVSS v2 Base Score: 1.9 | Impact Score: 2.9 | Exploitability Score: 3.4

CVSS v3 Base Score: 4.7 | Impact Score: 3.6 | Exploitability Score: 1

VMScore: 169

Vector: AV:L/AC:M/Au:N/C:N/I:N/A:P

The libxl device-handling in Xen up to and including 4.6.x allows local guest OS users with access to the driver domain to cause a denial of service (management tool confusion) by manipulating information in the backend directories in xenstore.

Vulnerable Product	Search on Vulmon	Subscribe to Product
xen xen 4.6.1
xen xen 4.4.2
xen xen 4.4.1
xen xen 4.3.0
xen xen 4.2.5
xen xen 4.1.6
xen xen 4.1.5
xen xen 4.0.2
xen xen 4.0.1
xen xen 4.5.2
xen xen 4.5.1
xen xen 4.3.4
xen xen 4.3.3
xen xen 4.2.2
xen xen 4.2.1
xen xen 4.1.2
xen xen 4.1.1
xen xen 4.1.0
xen xen 4.5.0
xen xen 4.4.4
xen xen 4.4.3
xen xen 4.3.2
xen xen 4.3.1
xen xen 4.2.0
xen xen 4.1.6.1
xen xen 4.0.4
xen xen 4.0.3
xen xen 4.6.0
xen xen 4.5.3
xen xen 4.4.0
xen xen 4.2.4
xen xen 4.2.3
xen xen 4.1.4
xen xen 4.1.3
xen xen 4.0.0

The libxl device-handling in Xen through 46x allows local guest OS users with access to the driver domain to cause a denial of service (management tool confusion) by manipulating information in the backend directories in xenstore ...

CWE-284 http://www.securitytracker.com/id/1036024 http://xenbits.xen.org/xsa/advisory-178.html https://lists.debian.org/debian-lts-announce/2018/09/msg00006.html https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2016-4963

CVE-2016-4963

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect