CVE-2016-7093

HIGH

Description

Xen 4.5.3, 4.6.3, and 4.7.x allow local HVM guest OS administrators to overwrite hypervisor memory and consequently gain host OS privileges by leveraging mishandling of instruction pointer truncation during emulation.

References

http://support.citrix.com/article/CTX216071

http://www.securityfocus.com/bid/92865

http://www.securitytracker.com/id/1036752

http://xenbits.xen.org/xsa/advisory-186.html

http://xenbits.xen.org/xsa/xsa186-0001-x86-emulate-Correct-boundary-interactions-of-emulate.patch

https://security.gentoo.org/glsa/201611-09

Details

Source: MITRE

Published: 2016-09-21

Updated: 2017-07-01

Type: CWE-264

Risk Information

CVSS v2.0

Base Score: 7.2

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 3.9

Severity: HIGH

CVSS v3.0

Base Score: 8.2

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Impact Score: 6

Exploitability Score: 1.5

Severity: HIGH