← Back

CVE-2016-6259

nvd nist
Published: Aug 2, 2016Modified: May 6, 2026

JSON object

Loading...
6.2
Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 2.5 / Impact: 3.6
Source: NVD

Description

Xen 4.5.x through 4.7.x do not implement Supervisor Mode Access Prevention (SMAP) whitelisting in 32-bit exception and event delivery, which allows local 32-bit PV guest OS kernels to cause a denial of service (hypervisor and VM crash) by triggering a safety check.

Affected (14)

Products: Xen: Xen · Citrix: Xenserver
Xen
1 product
Xen
Citrix
1 product
Xenserver
Configuration A
8 vulnerable
Vulnerable SoftwareAffected Versions
Xen
Xen
Version 4.5.0
Xen
Version 4.5.1
Xen
Version 4.5.2
Xen
Version 4.5.3
Xen
Version 4.6.0
Xen
Version 4.6.1
Xen
Version 4.6.3
Xen
Version 4.7.0
Configuration B
6 vulnerable
Vulnerable SoftwareAffected Versions
Citrix
Xenserver
Version 6.0.2
Xenserver
Version 6.0
Xenserver
Version 6.1
Xenserver
Version 6.2.0 sp1
Xenserver
Version 6.5.0 sp1
Xenserver
Version 7.0

Related CWEs

CWE-20
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (12)

Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Mailing ListPatch
Source: cve@mitre.org
MitigationPatch
Source: cve@mitre.org
MitigationPatch
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListPatch
Source: af854a3a-2127-422b-91ae-364da2661108
MitigationPatch
Source: af854a3a-2127-422b-91ae-364da2661108
MitigationPatch

Timeline

No history available yet.