CVE 2016-1570
The PV superpage functionality in arch/x86/mm.c in Xen 3.4.0, 3.4.1, and 4.1.x through 4.6.x allows local PV guests to obtain sensitive information, cause a denial of service, gain privileges, or have unspecified other impact via a crafted page identifier (MFN) to the (1) MMUEXT_MARK_SUPER or (2) MMUEXT_UNMARK_SUPER sub-op in the HYPERVISOR_
Related bugs and status
CVE-2016-1570 (Candidate) is related to these bugs:
Bug #1564909: CVE-2016-2270 / XSA-154
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1564909 | CVE-2016-2270 / XSA-154 | xen (Ubuntu) | Undecided | Fix Released |
Bug #1564914: CVE-2016-1570 / XSA-167
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1564914 | CVE-2016-1570 / XSA-167 | xen (Ubuntu) | Undecided | Fix Released |
Bug #1564915: CVE-2016-1571 / XSA-168
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1564915 | CVE-2016-1571 / XSA-168 | xen (Ubuntu) | Undecided | Fix Released |
Bug #1564916: CVE-2016-2271 / XSA-170
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1564916 | CVE-2016-2271 / XSA-170 | xen (Ubuntu) | Undecided | Fix Released |
Bug #1671760: Xen HVM guests running linux 4.10 fail to boot on Intel hosts
Bug #1671864: Xen stable update to 4.6.5
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1671864 | Xen stable update to 4.6.5 | xen (Ubuntu) | Medium | Invalid | ||
1671864 | Xen stable update to 4.6.5 | xen (Ubuntu Xenial) | Medium | Fix Released |
See the
CVE page on Mitre.org
for more details.