CVE-2016-9382

Published: 23 January 2017

Xen 4.0.x through 4.7.x mishandle x86 task switches to VM86 mode, which allows local 32-bit x86 HVM guest OS users to gain privileges or cause a denial of service (guest OS crash) by leveraging a guest operating system that uses hardware task switching and allows a new task to start in VM86 mode.

Priority

Medium

CVSS 3 base score: 7.8

Status

Package Release Status
xen
Launchpad, Ubuntu, Debian
Upstream Needed

Ubuntu 16.04 ESM (Xenial Xerus)
Released (4.6.0-1ubuntu4.3)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was released [4.4.2-0ubuntu0.14.04.9])
Binaries built from this source package are in Universe and so are supported by the community.