5.6
CVSSv3

CVE-2016-5242

CVSSv4: NA | CVSSv3: 5.6 | CVSSv2: 4.7 | VMScore: 660 | EPSS: 0.00059 | KEV: Not Included
Published: 07/06/2016 Updated: 21/11/2024

Vulnerability Summary

The p2m_teardown function in arch/arm/p2m.c in Xen 4.4.x up to and including 4.6.x allows local guest OS users with access to the driver domain to cause a denial of service (NULL pointer dereference and host OS crash) by creating concurrent domains and holding references to them, related to VMID exhaustion.

Vulnerable Product Search on Vulmon Subscribe to Product

xen xen 4.4.0

xen xen 4.4.1

xen xen 4.4.2

xen xen 4.4.3

xen xen 4.4.4

xen xen 4.5.0

xen xen 4.5.1

xen xen 4.5.2

xen xen 4.5.3

xen xen 4.6.0

xen xen 4.6.1

Vendor Advisories

Multiple vulnerabilities have been discovered in the Xen hypervisor The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2015-8338 Julien Grall discovered that Xen on ARM was susceptible to denial of service via long running memory operations CVE-2016-4480 Jan Beulich discovered that incorrect page ...
The p2m_teardown function in arch/arm/p2mc in Xen 44x through 46x allows local guest OS users with access to the driver domain to cause a denial of service (NULL pointer dereference and host OS crash) by creating concurrent domains and holding references to them, related to VMID exhaustion ...