CVE-2016-9385

Published: 23 January 2017

The x86 segment base write emulation functionality in Xen 4.4.x through 4.7.x allows local x86 PV guest OS administrators to cause a denial of service (host crash) by leveraging lack of canonical address checks.

Priority

Medium

CVSS 3 base score: 6.0

Status

Package Release Status
xen
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 16.04 ESM (Xenial Xerus)
Released (4.6.0-1ubuntu4.3)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was released [4.4.2-0ubuntu0.14.04.9])
Binaries built from this source package are in Universe and so are supported by the community.