Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
8.2
CVSSv3

CVE-2016-7092

Published: 21/09/2016 Updated: 01/07/2017
CVSS v2 Base Score: 6.8 | Impact Score: 10 | Exploitability Score: 3.1
CVSS v3 Base Score: 8.2 | Impact Score: 6 | Exploitability Score: 1.5
VMScore: 605
Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C

Vulnerability Summary

The get_page_from_l3e function in arch/x86/mm.c in Xen allows local 32-bit PV guest OS administrators to gain host OS privileges via vectors related to L3 recursive pagetables.

Vulnerable Product Search on Vulmon Subscribe to Product

xen xen -

Vendor Advisories

Debian Security Advisories: DSA-3663-1 xen -- security update
Multiple vulnerabilities have been discovered in the Xen hypervisor The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2016-7092 (XSA-185) Jeremie Boutoille of Quarkslab and Shangcong Luan of Alibaba discovered a flaw in the handling of L3 pagetable entries, allowing a malicious 32-bit PV guest adm ...
Red Hat: CVE-2016-7092
The get_page_from_l3e function in arch/x86/mmc in Xen allows local 32-bit PV guest OS administrators to gain host OS privileges via vectors related to L3 recursive pagetables ...
Citrix Security Bulletins: Citrix XenServer Multiple Security Updates
Description of Problem A number of security vulnerabilities have been identified in Citrix XenServer that may allow malicious privileged code running within a guest VM to compromise the host These vulnerabilities affect all currently supported versions of Citrix XenServer up to and including Citrix XenServer 70 The following vulnerabilities have ...

Recent Articles

Hypervisor security ero-Xen: How guest VMs can hijack host servers
The Register • Chris Williams, Editor in Chief • 08 Sep 2016

Triple whammy of bugs in popular open-source platform

Analysis The Xen project has today patched four security bugs in its open-source hypervisor – three potentially allowing guest virtual machines to take over their host servers. The other programming cockup allows a guest to crash the underlying machine. This is not great news for cloud providers or anyone else running untrusted VMs on their hardware and relying on Xen, because the three holes can be exploited by malicious guests to escape their confines and attack other virtual machines or the...

Read more...

References

CWE-264http://www.securityfocus.com/bid/92862http://xenbits.xen.org/xsa/xsa185.patchhttp://www.securitytracker.com/id/1036751http://support.citrix.com/article/CTX216071http://xenbits.xen.org/xsa/advisory-185.htmlhttp://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.htmlhttp://www.debian.org/security/2016/dsa-3663https://security.gentoo.org/glsa/201611-09https://nvd.nist.govhttps://www.debian.org/security/./dsa-3663https://access.redhat.com/security/cve/cve-2016-7092
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scriptingCVE-2024-5158XML external entityCVE-2024-4262CVE-2024-2036CVE-2024-4985CVE-2024-21791remote attackersCVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook