CVE-2016-4480
Publication date 18 May 2016
Last updated 24 July 2024
Ubuntu priority
Cvss 3 Severity Score
The guest_walk_tables function in arch/x86/mm/guest_walk.c in Xen 4.6.x and earlier does not properly handle the Page Size (PS) page table entry bit at the L4 and L3 page table levels, which might allow local guest OS users to gain privileges via a crafted mapping of memory.
Status
Package | Ubuntu Release | Status |
---|---|---|
linux | 16.04 LTS xenial |
Not affected
|
14.04 LTS trusty |
Not affected
|
|
linux-armadaxp | 16.04 LTS xenial | Not in release |
14.04 LTS trusty | Not in release | |
linux-flo | 16.04 LTS xenial |
Not affected
|
14.04 LTS trusty | Not in release | |
linux-goldfish | 16.04 LTS xenial |
Not affected
|
14.04 LTS trusty | Not in release | |
linux-grouper | 16.04 LTS xenial | Not in release |
14.04 LTS trusty | Not in release | |
linux-linaro-omap | 16.04 LTS xenial | Not in release |
14.04 LTS trusty | Not in release | |
linux-linaro-shared | 16.04 LTS xenial | Not in release |
14.04 LTS trusty | Not in release | |
linux-linaro-vexpress | 16.04 LTS xenial | Not in release |
14.04 LTS trusty | Not in release | |
linux-lts-quantal | 16.04 LTS xenial | Not in release |
14.04 LTS trusty | Not in release | |
linux-lts-raring | 16.04 LTS xenial | Not in release |
14.04 LTS trusty | Not in release | |
linux-lts-saucy | 16.04 LTS xenial | Not in release |
14.04 LTS trusty | Not in release | |
linux-lts-trusty | 16.04 LTS xenial | Not in release |
14.04 LTS trusty | Not in release | |
linux-lts-utopic | 16.04 LTS xenial | Not in release |
14.04 LTS trusty | Not in release | |
linux-lts-vivid | 16.04 LTS xenial | Not in release |
14.04 LTS trusty | Not in release | |
linux-lts-wily | 16.04 LTS xenial | Not in release |
14.04 LTS trusty | Not in release | |
linux-lts-xenial | 16.04 LTS xenial | Not in release |
14.04 LTS trusty |
Not affected
|
|
linux-maguro | 16.04 LTS xenial | Not in release |
14.04 LTS trusty | Not in release | |
linux-mako | 16.04 LTS xenial |
Not affected
|
14.04 LTS trusty | Not in release | |
linux-manta | 16.04 LTS xenial | Not in release |
14.04 LTS trusty | Not in release | |
linux-qcm-msm | 16.04 LTS xenial | Not in release |
14.04 LTS trusty | Not in release | |
linux-raspi2 | 16.04 LTS xenial |
Not affected
|
14.04 LTS trusty | Not in release | |
linux-snapdragon | 16.04 LTS xenial |
Not affected
|
14.04 LTS trusty | Not in release | |
linux-ti-omap4 | 16.04 LTS xenial | Not in release |
14.04 LTS trusty | Not in release | |
xen | 16.04 LTS xenial |
Fixed 4.6.0-1ubuntu4.1
|
14.04 LTS trusty |
Fixed 4.4.2-0ubuntu0.14.04.6
|
|
Severity score breakdown
Parameter | Value |
---|---|
Base score | 8.4 · High |
Attack vector | Local |
Attack complexity | Low |
Privileges required | None |
User interaction | None |
Scope | Unchanged |
Confidentiality | High |
Integrity impact | High |
Availability impact | High |
Vector | CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |