| ID |
CVE-2026-42487
|
| Sažetak |
HVM guest I/O port accesses are subject to either emulation or at least
translation. Translations are managed by the device model (via
XEN_DOMCTL_ioport_mapping), and hence the linked list used may changed
at any time. Traversal of those lists (while handling guest I/O port
accesses) therefore needs synchronizing with updates, which was missing
so far. |
| Reference |
|
| CVSS |
| Base: | 7.9 |
| Impact: | 5.3 |
| Exploitability: | 2.0 |
|
| Pristup |
| Vektor | Složenost | Autentikacija |
| LOCAL |
LOW |
LOW |
|
| Impact |
| Povjerljivost | Cjelovitost | Dostupnost |
| LOW |
LOW |
HIGH |
|
| CVSS vektor |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:H |
| Zadnje važnije ažuriranje |
18-06-2026 - 16:16 |
| Objavljeno |
18-06-2026 - 14:17 |
