Multiple vulnerabilities in Xen
| Risk | Medium |
| Patch available | NO |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2016-4963 CVE-2016-2271 |
| CWE-ID | CWE-284 CWE-20 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software |
Xen Server applications / Virtualization software |
| Vendor | Xen Project |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Improper access control
EUVDB-ID: #VU40248
Risk: Low
CVSSv4.0: 1.9 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2016-4963
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a local authenticated user to perform a denial of service (DoS) attack.
The libxl device-handling in Xen through 4.6.x allows local guest OS users with access to the driver domain to cause a denial of service (management tool confusion) by manipulating information in the backend directories in xenstore.
MitigationInstall update from vendor's website.
Vulnerable software versionsXen: 4.0.0 - 4.6.1
CPE2.3- cpe:2.3:a:xen_project:xen:4.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:xen_project:xen:4.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:xen_project:xen:4.0.2:*:*:*:*:*:*:*
https://www.securitytracker.com/id/1036024
https://xenbits.xen.org/xsa/advisory-178.html
https://lists.debian.org/debian-lts-announce/2018/09/msg00006.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Input validation error
EUVDB-ID: #VU40478
Risk: Medium
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2016-2271
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows local HVM guest users to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can cause a denial of service (guest crash) via vectors related to a non-canonical RIP.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsXen: 4.6.0 - 4.6.1
CPE2.3 External linkshttps://lists.fedoraproject.org/pipermail/package-announce/2016-February/177990.html
https://lists.fedoraproject.org/pipermail/package-announce/2016-March/178518.html
https://support.citrix.com/article/CTX209443
https://www.debian.org/security/2016/dsa-3519
https://www.securitytracker.com/id/1035043
https://xenbits.xen.org/xsa/advisory-170.html
https://security.gentoo.org/glsa/201604-03
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
