Launchpad.net

CVE 2016-5242

The p2m_teardown function in arch/arm/p2m.c in Xen 4.4.x through 4.6.x allows local guest OS users with access to the driver domain to cause a denial of service (NULL pointer dereference and host OS crash) by creating concurrent domains and holding references to them, related to VMID exhaustion.

Related bugs and status

CVE-2016-5242 (Candidate) is related to these bugs:

Bug #1671760: Xen HVM guests running linux 4.10 fail to boot on Intel hosts

		In	Importance	Status
1671760	Xen HVM guests running linux 4.10 fail to boot on Intel hosts	xen (Ubuntu)	High	Fix Released
1671760	Xen HVM guests running linux 4.10 fail to boot on Intel hosts	xen (Ubuntu Zesty)	High	Fix Released
1671760	Xen HVM guests running linux 4.10 fail to boot on Intel hosts	xen (Ubuntu Trusty)	High	Fix Released
1671760	Xen HVM guests running linux 4.10 fail to boot on Intel hosts	xen (Ubuntu Yakkety)	High	Fix Released
1671760	Xen HVM guests running linux 4.10 fail to boot on Intel hosts	xen (Ubuntu Xenial)	High	Fix Released
1671760	Xen HVM guests running linux 4.10 fail to boot on Intel hosts	linux (Ubuntu)	Undecided	Won't Fix
1671760	Xen HVM guests running linux 4.10 fail to boot on Intel hosts	linux (Ubuntu Trusty)	Undecided	Invalid
1671760	Xen HVM guests running linux 4.10 fail to boot on Intel hosts	linux (Ubuntu Xenial)	Undecided	Invalid
1671760	Xen HVM guests running linux 4.10 fail to boot on Intel hosts	linux (Ubuntu Yakkety)	Undecided	Invalid
1671760	Xen HVM guests running linux 4.10 fail to boot on Intel hosts	linux (Ubuntu Zesty)	Undecided	Won't Fix

Bug #1671864: Xen stable update to 4.6.5

Summary				In	Importance	Status
	1671864	Xen stable update to 4.6.5		xen (Ubuntu)	Medium	Invalid
	1671864	Xen stable update to 4.6.5		xen (Ubuntu Xenial)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://xenbits.xen.org...
SECTRACK: 1036035
DEBIAN: DSA-3633
BID: 91015