Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2016-1571

The paging_invlpg function in include/asm-x86/paging.h in Xen 3.3.x through 4.6.x, when using shadow mode paging or nested virtualization is enabled, allows local HVM guest users to cause a denial of service (host crash) via a non-canonical guest address in an INVVPID instruction, which triggers a hypervisor bug check.

Published

2016-01-22T15:59:06.867

Last Modified

2025-04-12T10:46:40.837

Status

Deferred

Source

[email protected]

Severity

CVSSv3.0: 6.3 (MEDIUM)

CVSSv2 Vector

AV:L/AC:M/Au:N/C:N/I:N/A:C

Access Vector: LOCAL
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: COMPLETE

Exploitability Score

3.4

Impact Score

6.9

Weaknesses

Type: Primary
CWE-17

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	citrix	xenserver	≤ 6.5	Yes
Operating System	xen	xen	3.3.0	Yes
Operating System	xen	xen	3.3.1	Yes
Operating System	xen	xen	3.3.2	Yes
Operating System	xen	xen	3.4.0	Yes
Operating System	xen	xen	3.4.1	Yes
Operating System	xen	xen	3.4.2	Yes
Operating System	xen	xen	3.4.3	Yes
Operating System	xen	xen	3.4.4	Yes
Operating System	xen	xen	4.1.0	Yes
Operating System	xen	xen	4.1.1	Yes
Operating System	xen	xen	4.1.2	Yes
Operating System	xen	xen	4.1.3	Yes
Operating System	xen	xen	4.1.4	Yes
Operating System	xen	xen	4.1.5	Yes
Operating System	xen	xen	4.1.6	Yes
Operating System	xen	xen	4.1.6.1	Yes
Operating System	xen	xen	4.2.0	Yes
Operating System	xen	xen	4.2.1	Yes
Operating System	xen	xen	4.2.2	Yes
Operating System	xen	xen	4.2.3	Yes
Operating System	xen	xen	4.2.4	Yes
Operating System	xen	xen	4.2.5	Yes
Operating System	xen	xen	4.3.0	Yes
Operating System	xen	xen	4.3.1	Yes
Operating System	xen	xen	4.3.2	Yes
Operating System	xen	xen	4.3.3	Yes
Operating System	xen	xen	4.3.4	Yes
Operating System	xen	xen	4.4.0	Yes
Operating System	xen	xen	4.4.0	Yes
Operating System	xen	xen	4.4.1	Yes
Operating System	xen	xen	4.4.2	Yes
Operating System	xen	xen	4.4.3	Yes
Operating System	xen	xen	4.5.0	Yes
Operating System	xen	xen	4.5.1	Yes
Operating System	xen	xen	4.5.2	Yes
Operating System	xen	xen	4.6.0	Yes

References

http://support.citrix.com/article/CTX205496 Third Party Advisory ([email protected])
http://www.debian.org/security/2016/dsa-3519 ([email protected])
http://www.securitytracker.com/id/1034745 Third Party Advisory ([email protected])
http://xenbits.xen.org/xsa/advisory-168.html Vendor Advisory ([email protected])
http://support.citrix.com/article/CTX205496 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2016/dsa-3519 (af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1034745 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://xenbits.xen.org/xsa/advisory-168.html Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)