CVE 2016-4962
The libxl device-handling in Xen 4.6.x and earlier allows local OS guest administrators to cause a denial of service (resource consumption or management facility confusion) or gain host OS privileges by manipulating information in guest controlled areas of xenstore.
Related bugs and status
CVE-2016-4962 (Candidate) is related to these bugs:
Bug #1671760: Xen HVM guests running linux 4.10 fail to boot on Intel hosts
Bug #1671864: Xen stable update to 4.6.5
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1671864 | Xen stable update to 4.6.5 | xen (Ubuntu) | Medium | Invalid | ||
1671864 | Xen stable update to 4.6.5 | xen (Ubuntu Xenial) | Medium | Fix Released |
See the
CVE page on Mitre.org
for more details.