CVE-2016-4480
First published: Wed May 18 2016(Updated: )
The guest_walk_tables function in arch/x86/mm/guest_walk.c in Xen 4.6.x and earlier does not properly handle the Page Size (PS) page table entry bit at the L4 and L3 page table levels, which might allow local guest OS users to gain privileges via a crafted mapping of memory.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Oracle VM Server | =3.2 | |
| Oracle VM Server | =3.3 | |
| Oracle VM Server | =3.4 | |
| Xen Xen | <=4.6.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/type
- agent/description
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/oracle
- canonical/oracle vm server
- version/oracle vm server/3.2
- version/oracle vm server/3.3
- version/oracle vm server/3.4
- vendor/xen
- canonical/xen xen
- version/xen xen/4.6.1