CVE-2016-10013

Опубликовано: 26 янв. 2017

Источник: nvd

CVSS3: 7.8

CVSS2: 4.6

EPSS Низкий

Описание

Xen through 4.8.x allows local 64-bit x86 HVM guest OS users to gain privileges by leveraging mishandling of SYSCALL singlestep during emulation.

Ссылки

http://www.debian.org/security/2017/dsa-3847
http://www.securityfocus.com/bid/94963
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1037491
Third Party Advisory
VDB Entry
http://xenbits.xen.org/xsa/advisory-204.html
Patch
Vendor Advisory
http://www.debian.org/security/2017/dsa-3847
http://www.securityfocus.com/bid/94963
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1037491
Third Party Advisory
VDB Entry
http://xenbits.xen.org/xsa/advisory-204.html
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*

Версия до 4.8.0 (включая)

EPSS

Процентиль: 27%

0.00099

Низкий

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

CVE-2016-10013

CVSS3: 7.8

ubuntu

около 9 лет назад

Xen through 4.8.x allows local 64-bit x86 HVM guest OS users to gain privileges by leveraging mishandling of SYSCALL singlestep during emulation.

CVE-2016-10013

CVSS3: 7.4

redhat

около 9 лет назад

Xen through 4.8.x allows local 64-bit x86 HVM guest OS users to gain privileges by leveraging mishandling of SYSCALL singlestep during emulation.

CVE-2016-10013

CVSS3: 7.8

debian

около 9 лет назад

Xen through 4.8.x allows local 64-bit x86 HVM guest OS users to gain p ...

GHSA-wc5c-mc82-hwrm

CVSS3: 7.8

github

больше 3 лет назад

Xen through 4.8.x allows local 64-bit x86 HVM guest OS users to gain privileges by leveraging mishandling of SYSCALL singlestep during emulation.

SUSE-SU-2016:3241-1

suse-cvrf

около 9 лет назад

Security update for xen

EPSS

Процентиль: 27%

0.00099

Низкий

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-264