Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.5
CVSSv3

CVE-2016-9817

Published: 27/02/2017 Updated: 28/07/2017
CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9
CVSS v3 Base Score: 6.5 | Impact Score: 4 | Exploitability Score: 2
VMScore: 436
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C
Subscribe to Xen

Vulnerability Summary

Xen up to and including 4.7.x allows local ARM guest OS users to cause a denial of service (host crash) via vectors involving a (1) data or (2) prefetch abort with the ESR_EL2.EA bit set.

Vulnerable Product Search on Vulmon Subscribe to Product

xen xen 4.7.1

xen xen 4.7.0

Vendor Advisories

Debian CVElist Bug Report Logs: xen: CVE-2016-9384: guest 32-bit ELF symbol table load leaking host data
Debian Bug report logs - #845667 xen: CVE-2016-9384: guest 32-bit ELF symbol table load leaking host data Package: src:xen; Maintainer for src:xen is Debian Xen Team <pkg-xen-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 25 Nov 2016 18:45:07 UTC Severity: important T ...
Debian CVElist Bug Report Logs: xen: CVE-2016-10013: x86: Mishandling of SYSCALL singlestep during emulation
Debian Bug report logs - #848713 xen: CVE-2016-10013: x86: Mishandling of SYSCALL singlestep during emulation Package: src:xen; Maintainer for src:xen is Debian Xen Team <pkg-xen-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 19 Dec 2016 19:06:01 UTC Severity: importa ...
Debian CVElist Bug Report Logs: xen: CVE-2016-9377 CVE-2016-9378: x86 software interrupt injection mis-handled
Debian Bug report logs - #845669 xen: CVE-2016-9377 CVE-2016-9378: x86 software interrupt injection mis-handled Package: src:xen; Maintainer for src:xen is Debian Xen Team <pkg-xen-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 25 Nov 2016 18:54:01 UTC Severity: impor ...
Red Hat: CVE-2016-9817
Xen through 47x allows local ARM guest OS users to cause a denial of service (host crash) via vectors involving a (1) data or (2) prefetch abort with the ESR_EL2EA bit set ...

References

CWE-284http://xenbits.xen.org/xsa/xsa201-3-4.7.patchhttp://xenbits.xen.org/xsa/xsa201-3.patchhttp://xenbits.xen.org/xsa/advisory-201.htmlhttp://www.securityfocus.com/bid/94581http://www.openwall.com/lists/oss-security/2016/12/05/7http://www.openwall.com/lists/oss-security/2016/11/29/3https://security.gentoo.org/glsa/201612-56http://www.securitytracker.com/id/1037358https://nvd.nist.govhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845667
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463CVE-2024-29895injectCVE-2023-52689CVE-2024-5049CVE-2024-5051privilege escalationphysicalCVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook