FreeBSD : xen-kernel -- guest 32-bit ELF symbol table load leaking host data (5555120d-ba4d-11e6-ae1b-002590263bf5)

Nessus Plugin ID 95508 (Severity: Low)


The remote FreeBSD host is missing a security-related update.


The Xen Project reports:

Along with their main kernel binary, unprivileged guests may arrange to have their Xen environment load (kernel) symbol tables for their use. The ELF image metadata created for this purpose has a few unused bytes when the symbol table binary is in 32-bit ELF format. These unused bytes were not properly cleared during symbol table loading.

A malicious unprivileged guest may be able to obtain sensitive information from the host.

The information leak is small and not under the control of the guest, so effectively exploiting this vulnerability is probably difficult.


Update the affected package.

Plugin Details

Severity: Low

ID: 95508

File Name: freebsd_pkg_5555120dba4d11e6ae1b002590263bf5.nasl

Version: 3.4

Type: local

Published: 2016/12/05

Updated: 2018/11/10

Dependencies: 12634

Risk Information

Risk Factor: Low

CVSS v2.0

Base Score: 2.1

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS v3.0

Base Score: 6.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:xen-kernel, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 2016/12/04

Vulnerability Publication Date: 2016/11/22

Reference Information

CVE: CVE-2016-9384