CVE-2016-1570

moderate-risk
Published 2016-01-22

The PV superpage functionality in arch/x86/mm.c in Xen 3.4.0, 3.4.1, and 4.1.x through 4.6.x allows local PV guests to obtain sensitive information, cause a denial of service, gain privileges, or have unspecified other impact via a crafted page identifier (MFN) to the (1) MMUEXT_MARK_SUPER or (2) MMUEXT_UNMARK_SUPER sub-op in the HYPERVISOR_mmuext_op hypercall or (3) unknown vectors related to page table updates.

Do I need to act?

-
0.20% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
8
CVSS 8.5/10 High
NETWORK / HIGH complexity

Affected Products (20)

Xen
Xen
Xen
Xen
Xen
Xen
Xen
Xen
Xen
Xen
Xen
Xen
Xen
Xen
Xen
Xen
Xen
Xen
Xen
Xen

Affected Vendors

Xen

References (6)

http://www.debian.org/security/2016/dsa-3519
http://www.securitytracker.com/id/1034744
Vendor Advisory http://xenbits.xen.org/xsa/advisory-167.html
http://www.debian.org/security/2016/dsa-3519
http://www.securitytracker.com/id/1034744
Vendor Advisory http://xenbits.xen.org/xsa/advisory-167.html
48
/ 100
moderate-risk
Severity 25/34 · High
Exploitability 1/34 · Minimal
Exposure 22/34 · High