Vulnerability Details : CVE-2016-6259
Xen 4.5.x through 4.7.x do not implement Supervisor Mode Access Prevention (SMAP) whitelisting in 32-bit exception and event delivery, which allows local 32-bit PV guest OS kernels to cause a denial of service (hypervisor and VM crash) by triggering a safety check.
Vulnerability category: Input validationDenial of service
Products affected by CVE-2016-6259
- cpe:2.3:a:citrix:xenserver:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:citrix:xenserver:6.2.0:sp1:*:*:*:*:*:*
- cpe:2.3:a:citrix:xenserver:6.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:citrix:xenserver:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:citrix:xenserver:6.1:*:*:*:*:*:*:*
- cpe:2.3:a:citrix:xenserver:6.5.0:sp1:*:*:*:*:*:*
- cpe:2.3:o:xen:xen:4.5.0:*:*:*:*:*:*:*
- cpe:2.3:o:xen:xen:4.5.1:*:*:*:*:*:*:*
- cpe:2.3:o:xen:xen:4.5.3:*:*:*:*:*:*:*
- cpe:2.3:o:xen:xen:4.6.0:*:*:*:*:*:*:*
- cpe:2.3:o:xen:xen:4.6.1:*:*:*:*:*:*:*
- cpe:2.3:o:xen:xen:4.6.3:*:*:*:*:*:*:*
- cpe:2.3:o:xen:xen:4.5.2:*:*:*:*:*:*:*
- cpe:2.3:o:xen:xen:4.7.0:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-6259
0.19%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 57 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-6259
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.9
|
MEDIUM | AV:L/AC:L/Au:N/C:N/I:N/A:C |
3.9
|
6.9
|
NIST | |
6.2
|
MEDIUM | CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.5
|
3.6
|
NIST |
CWE ids for CVE-2016-6259
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-6259
-
http://xenbits.xen.org/xsa/xsa183-unstable.patch
Mitigation;Patch
-
http://www.securitytracker.com/id/1036447
Xen SMAP Safety Check Whitelist Error Lets Local Users on a Guest System Cause Denial of Service Conditions on the Host System - SecurityTrackerThird Party Advisory
-
http://www.securityfocus.com/bid/92130
Xen CVE-2016-6259 Denial of Service VulnerabilityThird Party Advisory
-
http://xenbits.xen.org/xsa/xsa183-4.6.patch
Mitigation;Patch
-
http://xenbits.xen.org/xsa/advisory-183.html
XSA-183 - Xen Security AdvisoriesMailing List;Patch
-
http://support.citrix.com/article/CTX214954
Citrix XenServer Multiple Security UpdatesVendor Advisory
Jump to