CVE-2016-1570

Published: 22 January 2016

The PV superpage functionality in arch/x86/mm.c in Xen 3.4.0, 3.4.1, and 4.1.x through 4.6.x allows local PV guests to obtain sensitive information, cause a denial of service, gain privileges, or have unspecified other impact via a crafted page identifier (MFN) to the (1) MMUEXT_MARK_SUPER or (2) MMUEXT_UNMARK_SUPER sub-op in the HYPERVISOR_mmuext_op hypercall or (3) unknown vectors related to page table updates.

Priority

Low

CVSS 3 base score: 8.5

Status

Package Release Status
xen
Launchpad, Ubuntu, Debian
Upstream Needed

Ubuntu 16.04 LTS (Xenial Xerus)
Released (4.6.0-1ubuntu4)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was released [4.4.2-0ubuntu0.14.04.5])
Binaries built from this source package are in Universe and so are supported by the community.

Notes

AuthorNote
mdeslaur
hypervisor packages are in universe. For
issues in the hypervisor, add appropriate
tags to each section, ex:
Tags_xen: universe-binary
tyhicks
Feature disabled by default
"Xen versions 3.4.0, 3.4.1, and from 4.1 onwards are affected."

References