Vulnerability Details : CVE-2016-7093
Xen 4.5.3, 4.6.3, and 4.7.x allow local HVM guest OS administrators to overwrite hypervisor memory and consequently gain host OS privileges by leveraging mishandling of instruction pointer truncation during emulation.
Exploit prediction scoring system (EPSS) score for CVE-2016-7093
Probability of exploitation activity in the next 30 days: 0.06%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 25 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2016-7093
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST |
8.2
|
HIGH | CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H |
1.5
|
6.0
|
NIST |
CWE ids for CVE-2016-7093
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-7093
-
http://xenbits.xen.org/xsa/xsa186-0001-x86-emulate-Correct-boundary-interactions-of-emulate.patch
Patch;Vendor Advisory
-
https://security.gentoo.org/glsa/201611-09
Xen: Multiple vulnerabilities (GLSA 201611-09) — Gentoo security
-
http://www.securitytracker.com/id/1036752
Xen Instruction Pointer Truncation Flaw Lets Local Users on a Guest System Gain Elevated Privileges on the Host System - SecurityTrackerVDB Entry;Third Party Advisory
-
http://xenbits.xen.org/xsa/advisory-186.html
XSA-186 - Xen Security AdvisoriesPatch;Vendor Advisory
-
http://support.citrix.com/article/CTX216071
Citrix XenServer Multiple Security UpdatesThird Party Advisory
-
http://www.securityfocus.com/bid/92865
Xen CVE-2016-7093 Local Privilege Escalation Vulnerability
Products affected by CVE-2016-7093
- cpe:2.3:o:xen:xen:4.5.3:*:*:*:*:*:*:*
- cpe:2.3:o:xen:xen:4.6.3:*:*:*:*:*:*:*
- cpe:2.3:o:xen:xen:4.7.0:*:*:*:*:*:*:*