CVE-2016-1571
published 2016-01-22CVE-2016-1571: The paging_invlpg function in include/asm-x86/paging.h in Xen 3.3.x through 4.6.x, when using shadow mode paging or nested virtualization is enabled, allows…
medium6.3CVSS 3.0
AVNACHPRLUINSCCNINAH
The paging_invlpg function in include/asm-x86/paging.h in Xen 3.3.x through 4.6.x, when using shadow mode paging or nested virtualization is enabled, allows local HVM guest users to cause a denial of service (host crash) via a non-canonical guest address in an INVVPID instruction, which triggers a hypervisor bug check.
Affected
48 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| citrix | citrix_adm | — | — |
| citrix | citrix_hypervisor | — | — |
| citrix | citrix_virtual_apps_and_desktops | — | — |
| citrix | endpoint_management | — | — |
| citrix | netscaler_adc | — | — |
| citrix | netscaler_gateway | — | — |
| citrix | xenserver | <= 6.5 | — |
| citrix | xenserver | — | — |
| debian | xen | < xen 4.8.0~rc3-1 (bookworm) | xen 4.8.0~rc3-1 (bookworm) |
| xen | xen | — | — |
| xen | xen | — | — |
| xen | xen | — | — |
| xen | xen | — | — |
| xen | xen | — | — |
| xen | xen | — | — |
| xen | xen | — | — |
| xen | xen | — | — |
| xen | xen | — | — |
| xen | xen | — | — |
| xen | xen | — | — |
| xen | xen | — | — |
| xen | xen | — | — |
| xen | xen | — | — |
| xen | xen | — | — |
| xen | xen | — | — |
CVSS provenance
nvdv3.06.3MEDIUMCVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H
osv6.3MEDIUM