← Back

CVE-2016-4962

nvd nist
Published: Jun 7, 2016Modified: May 6, 2026

JSON object

Loading...
6.7
Vector
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Exploitability: 0.8 / Impact: 5.9
Source: NVD

Description

The libxl device-handling in Xen 4.6.x and earlier allows local OS guest administrators to cause a denial of service (resource consumption or management facility confusion) or gain host OS privileges by manipulating information in guest controlled areas of xenstore.

Affected (19)

Products: Oracle: Vm Server · Xen: Xen
Oracle
1 product
Vm Server
Xen
1 product
Xen
Configuration A
2 vulnerable
Vulnerable SoftwareAffected Versions
Oracle
Vm Server
Version 3.3
Vm Server
Version 3.4
Configuration B
17 vulnerable
Vulnerable SoftwareAffected Versions
Xen
Xen
Version 4.3.0
Xen
Version 4.3.1
Xen
Version 4.3.2
Xen
Version 4.3.3
Xen
Version 4.3.4
Xen
Version 4.4.0
Xen
Version 4.4.0 rc1
Xen
Version 4.4.1
Xen
Version 4.4.2
Xen
Version 4.4.3
Xen
Version 4.4.4
Xen
Version 4.5.0
Xen
Version 4.5.1
Xen
Version 4.5.2
Xen
Version 4.5.3
Xen
Version 4.6.0
Xen
Version 4.6.1

Related CWEs

CWE-264
CWE-264

References (10)

Source: cve@mitre.org
Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Third Party AdvisoryVDB Entry
Source: cve@mitre.org
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.