CVE-2016-9386
HIGHCitrix XenServer - Privilege Escalation via x86 NULL Segment Handling
Title source: llmDescription
The x86 emulator in Xen does not properly treat x86 NULL segments as unusable when accessing memory, which might allow local HVM guest users to gain privileges via vectors involving "unexpected" base/limit values.
References (5)
Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/94471
Third Party Advisory vendor-advisory
x_refsource_gentoo
https://security.gentoo.org/glsa/201612-56
Patch, Third Party Advisory x_refsource_confirm
https://support.citrix.com/article/CTX218775
Patch, Vendor Advisory x_refsource_confirm
http://xenbits.xen.org/xsa/advisory-191.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1037340
Scores
CVSS v3
7.8
EPSS
0.0010
EPSS Percentile
27.2%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-264
Status
published
Products (5)
citrix/xenserver
6.0.2
citrix/xenserver
6.2.0
citrix/xenserver
6.5
citrix/xenserver
7.0
xen/xen
Published
Jan 23, 2017
Tracked Since
Feb 18, 2026