CVE-2016-4480

Published: May 18, 2016Modified: May 6, 2026

8.4

Vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.5 / Impact: 5.9

Source: NVD

Description

The guest_walk_tables function in arch/x86/mm/guest_walk.c in Xen 4.6.x and earlier does not properly handle the Page Size (PS) page table entry bit at the L4 and L3 page table levels, which might allow local guest OS users to gain privileges via a crafted mapping of memory.

Affected (4)

Products: Oracle: Vm Server · Xen: Xen

1 product

1 product

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Oracle Vm Server	Version 3.2
Oracle Vm Server	Version 3.3
Oracle Vm Server	Version 3.4

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Xen Xen	Up to 4.6.1

Related CWEs

References (10)

http://www.debian.org/security/2016/dsa-3633

Source: cve@mitre.org

http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/bid/90710

Source: cve@mitre.org

http://www.securitytracker.com/id/1035901

Source: cve@mitre.org

http://xenbits.xen.org/xsa/advisory-176.html

Source: cve@mitre.org

Vendor Advisory

http://www.debian.org/security/2016/dsa-3633

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/bid/90710

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id/1035901

Source: af854a3a-2127-422b-91ae-364da2661108

http://xenbits.xen.org/xsa/advisory-176.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.