SB2016021904 - Multiple vulnerabilities in Xen
Published: February 19, 2016 Updated: August 9, 2020
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 2 vulnerabilities.
1) Improper access control (CVE-ID: CVE-2016-4963)
CWE-ID: CWE-284 - Improper Access Control
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local authenticated user to perform a denial of service (DoS) attack.
The libxl device-handling in Xen through 4.6.x allows local guest OS users with access to the driver domain to cause a denial of service (management tool confusion) by manipulating information in the backend directories in xenstore.
2) Input validation error (CVE-ID: CVE-2016-2271)
CWE-ID: CWE-20 - Improper input validation
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows local HVM guest users to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can cause a denial of service (guest crash) via vectors related to a non-canonical RIP.
Remediation
Cybersecurity Help is not aware of any official remediation provided by the vendor.
References
- http://www.securitytracker.com/id/1036024
- http://xenbits.xen.org/xsa/advisory-178.html
- https://lists.debian.org/debian-lts-announce/2018/09/msg00006.html
- http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177990.html
- http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178518.html
- http://support.citrix.com/article/CTX209443
- http://www.debian.org/security/2016/dsa-3519
- http://www.securitytracker.com/id/1035043
- http://xenbits.xen.org/xsa/advisory-170.html
- https://security.gentoo.org/glsa/201604-03