CVE-2016-2270

MEDIUM

Debian Linux < 4.6.1 - Improper Input Validation

Title source: rule

Description

Xen 4.6.x and earlier allows local guest administrators to cause a denial of service (host reboot) via vectors related to multiple mappings of MMIO pages with different cachability settings.

References (7)

Scores

CVSS v3 6.8
EPSS 0.0029
EPSS Percentile 52.6%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

Classification

CWE
CWE-20
Status draft

Affected Products (6)

debian/debian_linux
debian/debian_linux
fedoraproject/fedora
fedoraproject/fedora
xen/xen < 4.6.1
oracle/vm_server

Timeline

Published Feb 19, 2016
Tracked Since Feb 18, 2026