CVE-2016-2271
MEDIUMXen <= 4.6.x - Denial of Service via Non-Canonical RIP Handling
Title source: llmDescription
VMX in Xen 4.6.x and earlier, when using an Intel or Cyrix CPU, allows local HVM guest users to cause a denial of service (guest crash) via vectors related to a non-canonical RIP.
References (7)
Core 7
Core References
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2016/dsa-3519
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177990.html
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178518.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1035043
Patch, Vendor Advisory x_refsource_confirm
http://xenbits.xen.org/xsa/advisory-170.html
Vendor Advisory x_refsource_confirm
http://support.citrix.com/article/CTX209443
Third Party Advisory vendor-advisory
x_refsource_gentoo
https://security.gentoo.org/glsa/201604-03
Scores
CVSS v3
5.5
EPSS
0.0007
EPSS Percentile
20.4%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details
Status
published
Products (2)
xen/xen
4.6.0
xen/xen
4.6.1
Published
Feb 19, 2016
Tracked Since
Feb 18, 2026