CVE-2016-9382
published 2017-01-23CVE-2016-9382: Xen 4.0.x through 4.7.x mishandle x86 task switches to VM86 mode, which allows local 32-bit x86 HVM guest OS users to gain privileges or cause a denial of…
high7.8CVSS 3.0
AVLACLPRLUINSUCHIHAH
Xen 4.0.x through 4.7.x mishandle x86 task switches to VM86 mode, which allows local 32-bit x86 HVM guest OS users to gain privileges or cause a denial of service (guest OS crash) by leveraging a guest operating system that uses hardware task switching and allows a new task to start in VM86 mode.
Affected
55 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| citrix | citrix_adm | — | — |
| citrix | citrix_hypervisor | — | — |
| citrix | citrix_virtual_apps_and_desktops | — | — |
| citrix | endpoint_management | — | — |
| citrix | netscaler_adc | — | — |
| citrix | netscaler_gateway | — | — |
| citrix | xenserver | — | — |
| citrix | xenserver | — | — |
| citrix | xenserver | — | — |
| citrix | xenserver | — | — |
| citrix | xenserver | — | — |
| debian | xen | < xen 4.8.0-1 (bookworm) | xen 4.8.0-1 (bookworm) |
| xen | xen | — | — |
| xen | xen | — | — |
| xen | xen | — | — |
| xen | xen | — | — |
| xen | xen | — | — |
| xen | xen | — | — |
| xen | xen | — | — |
| xen | xen | — | — |
| xen | xen | — | — |
| xen | xen | — | — |
| xen | xen | — | — |
| xen | xen | — | — |
| xen | xen | — | — |
CVSS provenance
nvdv3.07.8HIGHCVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
osv7.8HIGH