CVE-2016-6258

Sažetak

The PV pagetable code in arch/x86/mm.c in Xen 4.7.x and earlier allows local 32-bit PV guest OS administrators to gain host OS privileges by leveraging fast-paths for updating pagetable entries.

Reference

http://support.citrix.com/article/CTX214954
http://www.debian.org/security/2016/dsa-3633
http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
http://www.securityfocus.com/bid/92131
http://www.securitytracker.com/id/1036446
http://xenbits.xen.org/xsa/advisory-182.html
http://xenbits.xen.org/xsa/xsa182-4.5.patch
http://xenbits.xen.org/xsa/xsa182-4.6.patch
http://xenbits.xen.org/xsa/xsa182-unstable.patch
https://security.gentoo.org/glsa/201611-09

CVSS

Base:	7.2
Impact:	10.0
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

01-07-2017 - 01:29

Objavljeno

02-08-2016 - 16:59