CVE-2016-9380Improper Input Validation in Citrix Xenserver

CWE-20Improper Input Validation8 documents7 sources
Severity
7.5HIGHNVD
EPSS
0.1%
top 74.04%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
XENCitrix Xenserver
Timeline
PublishedJan 23
Latest updateMay 17

Description

The pygrub boot loader emulator in Xen, when nul-delimited output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via NUL bytes in the bootloader configuration file.

CVSS vector

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:NExploitability: 1.1 | Impact: 5.8

Affected Packages2 packages

Debianxen/xen< 4.8.0-1+3
NVDcitrix/xenserver4 versions+3

Patches

Patch: xenbits.xen.orgPatch: xenbits.xen.orgPatch: support.citrix.com

🔴Vulnerability Details

3
GHSA
GHSA-58r5-2fcj-4x5p: The pygrub boot loader emulator in Xen, when nul-delimited output format is requested, allows local pygrub-using guest OS administrators to read or de2022-05-17
OSV
CVE-2016-9380: The pygrub boot loader emulator in Xen, when nul-delimited output format is requested, allows local pygrub-using guest OS administrators to read or de2017-01-23
CVEList
CVE-2016-9380: The pygrub boot loader emulator in Xen, when nul-delimited output format is requested, allows local pygrub-using guest OS administrators to read or de2017-01-23

📋Vendor Advisories

2
Red Hat
xen: delimiter injection vulnerabilities in pygrub (XSA-198)2016-11-22
Debian
CVE-2016-9380: xen - The pygrub boot loader emulator in Xen, when nul-delimited output format is requ...2016

💬Community

2
Bugzilla
CVE-2016-9377 CVE-2016-9378 CVE-2016-9379 CVE-2016-9380 CVE-2016-9381 CVE-2016-9382 CVE-2016-9383 CVE-2016-9384 CVE-2016-9385 CVE-2016-9386 xen: various flaws [fedora-all]2016-11-22
Bugzilla
CVE-2016-9379 CVE-2016-9380 xsa198 xen: delimiter injection vulnerabilities in pygrub (XSA-198)2016-11-08
CVE-2016-9380 — Improper Input Validation in Citrix | cvebase