Vulnerabilities > CVE-2016-5242 - Unspecified vulnerability in XEN

047910
CVSS 5.6 - MEDIUM
Attack vector
LOCAL
Attack complexity
HIGH
Privileges required
LOW
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
local
high complexity
xen
nessus

Summary

The p2m_teardown function in arch/arm/p2m.c in Xen 4.4.x through 4.6.x allows local guest OS users with access to the driver domain to cause a denial of service (NULL pointer dereference and host OS crash) by creating concurrent domains and holding references to them, related to VMID exhaustion.

Nessus

  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2016-103752D2A9.NASL
    descriptionQemu: scsi: esp: OOB r/w access while processing ESP_FIFO [CVE-2016-5338] (#1343323) Qemu: scsi: megasas: information leakage in megasas_ctrl_get_info [CVE-2016-5337] (#1343909) ---- fix for CVE-2016-2858 doesn
    last seen2020-06-05
    modified2016-07-14
    plugin id92059
    published2016-07-14
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/92059
    titleFedora 23 : xen (2016-103752d2a9)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2016-389BE30B95.NASL
    descriptionfix for CVE-2016-2858 doesn
    last seen2020-06-05
    modified2016-07-14
    plugin id92081
    published2016-07-14
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/92081
    titleFedora 24 : xen (2016-389be30b95)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-3633.NASL
    descriptionMultiple vulnerabilities have been discovered in the Xen hypervisor. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2015-8338 Julien Grall discovered that Xen on ARM was susceptible to denial of service via long running memory operations. - CVE-2016-4480 Jan Beulich discovered that incorrect page table handling could result in privilege escalation inside a Xen guest instance. - CVE-2016-4962 Wei Liu discovered multiple cases of missing input sanitising in libxl which could result in denial of service. - CVE-2016-5242 Aaron Cornelius discovered that incorrect resource handling on ARM systems could result in denial of service. - CVE-2016-6258 Jeremie Boutoille discovered that incorrect pagetable handling in PV instances could result in guest to host privilege escalation.
    last seen2020-06-01
    modified2020-06-02
    plugin id92614
    published2016-07-29
    reporterThis script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/92614
    titleDebian DSA-3633-1 : xen - security update (Bunker Buster)