CVE-2016-7094 — Improper Restriction of Operations within the Bounds of a Memory Buffer in XEN

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer7 documents6 sources

Severity

4.1MEDIUMNVD

EPSS

0.1%

top 78.67%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

XEN Debian XEN

Timeline

PublishedSep 21

Latest updateMay 17

Description

Buffer overflow in Xen 4.7.x and earlier allows local x86 HVM guest OS administrators on guests running with shadow paging to cause a denial of service via a pagetable update.

CVSS vector

CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:HExploitability: 0.5 | Impact: 3.6

Affected Packages3 packages

▶debiandebian/xen< xen 4.8.0~rc3-1 (bookworm)

▶Debianxen/xen< 4.8.0~rc3-1+3

▶NVDxen/xen4.7.0

Patches

Patch: xenbits.xen.org ↗Patch: xenbits.xen.org ↗Patch: xenbits.xen.org ↗

🔴Vulnerability Details

GHSA

GHSA-r33r-j3c5-f2xq: Buffer overflow in Xen 4↗2022-05-17

▶

OSV

CVE-2016-7094: Buffer overflow in Xen 4↗2016-09-21

▶

📋Vendor Advisories

Red Hat

xen: x86 HVM: Overflow of sh_ctxt->seg_reg[]↗2016-09-08

▶

Debian

CVE-2016-7094: xen - Buffer overflow in Xen 4.7.x and earlier allows local x86 HVM guest OS administr...↗2016

▶

💬Community

Bugzilla

CVE-2016-7094 xen: x86 HVM: Overflow of sh_ctxt->seg_reg[] [fedora-all]↗2016-09-08

▶

Bugzilla

CVE-2016-7094 xen: x86 HVM: Overflow of sh_ctxt->seg_reg[]↗2016-08-26

▶