Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2016-9637

Опубликовано: 06 дек. 2016
Источник: redhat
CVSS3: 7.6
CVSS2: 6.5
EPSS Низкий

Описание

The (1) ioport_read and (2) ioport_write functions in Xen, when qemu is used as a device model within Xen, might allow local x86 HVM guest OS administrators to gain qemu process privileges via vectors involving an out-of-range ioport access.

An out of bounds array access issue was found in the Xen virtual machine monitor, built with the QEMU ioport support. It could occur while doing ioport read/write operations, if guest was to supply a 32bit address parameter. A privileged guest user/process could use this flaw to potentially escalate their privileges on a host.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kvmNot affected
Red Hat Enterprise Linux 6qemu-kvmNot affected
Red Hat Enterprise Linux 7qemu-kvmNot affected
Red Hat Enterprise Linux 7qemu-kvm-rhevNot affected
Red Hat Enterprise Linux OpenStack Platform 5 (Icehouse)qemu-kvm-rhevNot affected
Red Hat Enterprise Linux OpenStack Platform 6 (Juno)qemu-kvm-rhevNot affected
Red Hat Enterprise Linux OpenStack Platform 7 (Kilo)qemu-kvm-rhevNot affected
Red Hat OpenStack Platform 8 (Liberty)qemu-kvm-rhevNot affected
Red Hat OpenStack Platform 9 (Mitaka)qemu-kvm-rhevNot affected
Red Hat Enterprise Linux 5xenFixedRHSA-2016:296320.12.2016

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Important
Дефект:
CWE-125
https://bugzilla.redhat.com/show_bug.cgi?id=1397043Xen: qemu ioport out-of-bounds array access (XSA-199)

EPSS

Процентиль: 26%
0.00087
Низкий

7.6 High

CVSS3

6.5 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2016-9637

CVSS3: 7.5
ubuntu
больше 8 лет назад

The (1) ioport_read and (2) ioport_write functions in Xen, when qemu is used as a device model within Xen, might allow local x86 HVM guest OS administrators to gain qemu process privileges via vectors involving an out-of-range ioport access.

nvd логотип

CVE-2016-9637

CVSS3: 7.5
nvd
больше 8 лет назад

The (1) ioport_read and (2) ioport_write functions in Xen, when qemu is used as a device model within Xen, might allow local x86 HVM guest OS administrators to gain qemu process privileges via vectors involving an out-of-range ioport access.

debian логотип

CVE-2016-9637

CVSS3: 7.5
debian
больше 8 лет назад

The (1) ioport_read and (2) ioport_write functions in Xen, when qemu i ...

github логотип

GHSA-5m8h-4qv2-6hhp

CVSS3: 7.5
github
больше 3 лет назад

The (1) ioport_read and (2) ioport_write functions in Xen, when qemu is used as a device model within Xen, might allow local x86 HVM guest OS administrators to gain qemu process privileges via vectors involving an out-of-range ioport access.

oracle-oval логотип

ELSA-2016-2963

oracle-oval
больше 8 лет назад

ELSA-2016-2963: xen security update (IMPORTANT)

EPSS

Процентиль: 26%
0.00087
Низкий

7.6 High

CVSS3

6.5 Medium

CVSS2