CVE-2016-6259 — Improper Input Validation in Citrix Xenserver

CWE-20 — Improper Input Validation8 documents7 sources

Severity

6.2MEDIUMNVD

EPSS

0.3%

top 49.87%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

XEN Citrix Xenserver

Timeline

PublishedAug 2

Latest updateMay 17

Description

Xen 4.5.x through 4.7.x do not implement Supervisor Mode Access Prevention (SMAP) whitelisting in 32-bit exception and event delivery, which allows local 32-bit PV guest OS kernels to cause a denial of service (hypervisor and VM crash) by triggering a safety check.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.5 | Impact: 3.6

Affected Packages3 packages

▶Debianxen/xen< 4.8.0~rc3-1+3

▶NVDxen/xen8 versions+7

▶NVDcitrix/xenserver6 versions+5

Patches

Patch: xenbits.xen.org ↗Patch: xenbits.xen.org ↗Patch: xenbits.xen.org ↗

🔴Vulnerability Details

GHSA

GHSA-prj4-495w-f4qv: Xen 4↗2022-05-17

▶

CVEList

CVE-2016-6259: Xen 4↗2016-08-02

▶

OSV

CVE-2016-6259: Xen 4↗2016-08-02

▶

📋Vendor Advisories

Red Hat

xen: x86: Missing SMAP whitelisting in 32-bit exception / event delivery (XSA-183)↗2016-07-26

▶

Debian

CVE-2016-6259: xen - Xen 4.5.x through 4.7.x do not implement Supervisor Mode Access Prevention (SMAP...↗2016

▶

💬Community

Bugzilla

CVE-2016-6259 xsa183 xen: x86: Missing SMAP whitelisting in 32-bit exception / event delivery (XSA-183) [fedora-all]↗2016-07-26

▶

Bugzilla

CVE-2016-6259 xsa183 xen: x86: Missing SMAP whitelisting in 32-bit exception / event delivery (XSA-183)↗2016-07-13

▶