CVE-2016-5242
MEDIUMXen 4.4.x-4.6.x - Denial of Service via VMID Exhaustion
Title source: llmDescription
The p2m_teardown function in arch/arm/p2m.c in Xen 4.4.x through 4.6.x allows local guest OS users with access to the driver domain to cause a denial of service (NULL pointer dereference and host OS crash) by creating concurrent domains and holding references to them, related to VMID exhaustion.
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/91015
Vendor Advisory x_refsource_confirm
http://xenbits.xen.org/xsa/advisory-181.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1036035
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2016/dsa-3633
Scores
CVSS v3
5.6
EPSS
0.0014
EPSS Percentile
33.2%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H
Details
Status
published
Products (11)
xen/xen
4.4.0 (2 CPE variants)
xen/xen
4.4.1
xen/xen
4.4.2
xen/xen
4.4.3
xen/xen
4.4.4
xen/xen
4.5.0
xen/xen
4.5.1
xen/xen
4.5.2
xen/xen
4.5.3
xen/xen
4.6.0
... and 1 more
Published
Jun 07, 2016
Tracked Since
Feb 18, 2026