CVE-2016-1570 — Improper Input Validation in XEN

CWE-20 — Improper Input Validation7 documents6 sources

Severity

8.5HIGHNVD

EPSS

0.2%

top 57.45%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

XEN Debian XEN

Timeline

PublishedJan 22

Latest updateMay 14

Description

The PV superpage functionality in arch/x86/mm.c in Xen 3.4.0, 3.4.1, and 4.1.x through 4.6.x allows local PV guests to obtain sensitive information, cause a denial of service, gain privileges, or have unspecified other impact via a crafted page identifier (MFN) to the (1) MMUEXT_MARK_SUPER or (2) MMUEXT_UNMARK_SUPER sub-op in the HYPERVISOR_mmuext_op hypercall or (3) unknown vectors related to page table updates.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:HExploitability: 1.8 | Impact: 6.0

Affected Packages3 packages

▶debiandebian/xen< xen 4.8.0~rc3-1 (bookworm)

▶Debianxen/xen< 4.8.0~rc3-1+3

▶NVDxen/xen29 versions+28

🔴Vulnerability Details

GHSA

GHSA-w7v4-4295-6vg3: The PV superpage functionality in arch/x86/mm↗2022-05-14

▶

OSV

CVE-2016-1570: The PV superpage functionality in arch/x86/mm↗2016-01-22

▶

📋Vendor Advisories

Red Hat

xen: PV superpage functionality missing sanity checks↗2016-01-20

▶

Debian

CVE-2016-1570: xen - The PV superpage functionality in arch/x86/mm.c in Xen 3.4.0, 3.4.1, and 4.1.x t...↗2016

▶

💬Community

Bugzilla

CVE-2016-1570 xen: PV superpage functionality missing sanity checks [fedora-all]↗2016-01-20

▶

Bugzilla

CVE-2016-1570 xen: PV superpage functionality missing sanity checks↗2016-01-07

▶