Published: 22/02/2017 Updated: 28/07/2017

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 6.5 | Impact Score: 4 | Exploitability Score: 2

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

Xen 4.7 allows local guest OS users to obtain sensitive host information by loading a 32-bit ELF symbol table.

Vulnerable Product	Search on Vulmon	Subscribe to Product
xen xen 4.7.0
xen xen 4.7.1

Debian Bug report logs - #845667 xen: CVE-2016-9384: guest 32-bit ELF symbol table load leaking host data Package: src:xen; Maintainer for src:xen is Debian Xen Team <pkg-xen-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 25 Nov 2016 18:45:07 UTC Severity: important T ...

Debian Bug report logs - #848713 xen: CVE-2016-10013: x86: Mishandling of SYSCALL singlestep during emulation Package: src:xen; Maintainer for src:xen is Debian Xen Team <pkg-xen-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 19 Dec 2016 19:06:01 UTC Severity: importa ...

Debian Bug report logs - #845669 xen: CVE-2016-9377 CVE-2016-9378: x86 software interrupt injection mis-handled Package: src:xen; Maintainer for src:xen is Debian Xen Team <pkg-xen-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 25 Nov 2016 18:54:01 UTC Severity: impor ...

Xen 47 allows local guest OS users to obtain sensitive host information by loading a 32-bit ELF symbol table ...

CWE-200 http://xenbits.xen.org/xsa/xsa194.patch http://xenbits.xen.org/xsa/advisory-194.html http://www.securityfocus.com/bid/94468 https://security.gentoo.org/glsa/201612-56 http://www.securitytracker.com/id/1037343 https://nvd.nist.gov https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845667 https://access.redhat.com/security/cve/cve-2016-9384

CVE-2016-9384

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect