Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2016-7154

Use-after-free vulnerability in the FIFO event channel code in Xen 4.4.x allows local guest OS administrators to cause a denial of service (host crash) and possibly execute arbitrary code or obtain sensitive information via an invalid guest frame number.

Published

2016-09-21T14:25:27.160

Last Modified

2025-04-12T10:46:40.837

Status

Deferred

Source

[email protected]

Severity

CVSSv3.0: 6.7 (MEDIUM)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

3.9

Impact Score

10.0

Weaknesses

Type: Primary
CWE-416

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	xen	xen	4.4.0	Yes
Operating System	xen	xen	4.4.1	Yes
Operating System	xen	xen	4.4.2	Yes
Operating System	xen	xen	4.4.3	Yes
Operating System	xen	xen	4.4.4	Yes

References

http://support.citrix.com/article/CTX216071 Third Party Advisory ([email protected])
http://www.c7zero.info/stuff/csw2017_ExploringYourSystemDeeper_updated.pdf ([email protected])
http://www.debian.org/security/2016/dsa-3663 ([email protected])
http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html ([email protected])
http://www.securityfocus.com/bid/92863 Third Party Advisory, VDB Entry ([email protected])
http://www.securitytracker.com/id/1036754 Third Party Advisory, VDB Entry ([email protected])
http://xenbits.xen.org/xsa/advisory-188.html Patch, Vendor Advisory ([email protected])
http://xenbits.xen.org/xsa/xsa188.patch Patch ([email protected])
http://support.citrix.com/article/CTX216071 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.c7zero.info/stuff/csw2017_ExploringYourSystemDeeper_updated.pdf (af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2016/dsa-3663 (af854a3a-2127-422b-91ae-364da2661108)
http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/92863 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1036754 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://xenbits.xen.org/xsa/advisory-188.html Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://xenbits.xen.org/xsa/xsa188.patch Patch (af854a3a-2127-422b-91ae-364da2661108)