FreeBSD : xen-kernel -- PV superpage functionality missing sanity checks (7ed7c36f-ddaf-11e5-b2bd-002590263bf5)

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

The Xen Project reports :

The PV superpage functionality lacks certain validity checks on data
being passed to the hypervisor by guests. This is the case for the
page identifier (MFN) passed to MMUEXT_MARK_SUPER and
MMUEXT_UNMARK_SUPER sub-ops of the HYPERVISOR_mmuext_op hypercall as
well as for various forms of page table updates.

Use of the feature, which is disabled by default, may have unknown
effects, ranging from information leaks through Denial of Service to
privilege escalation.

See also :

http://xenbits.xen.org/xsa/advisory-167.html
http://www.nessus.org/u?7b30c475

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 6.9
(CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 89011 ()

Bugtraq ID:

CVE ID: CVE-2016-1570

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now