Privilege Escalation via Fast-Path Pagetable Entry Update in Xen 4.7.x and Earlier

Privilege Escalation via Fast-Path Pagetable Entry Update in Xen 4.7.x and Earlier

CVE-2016-6258 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

The PV pagetable code in arch/x86/mm.c in Xen 4.7.x and earlier allows local 32-bit PV guest OS administrators to gain host OS privileges by leveraging fast-paths for updating pagetable entries.

Learn more about our Web Application Penetration Testing UK.