Privilege Escalation and Denial of Service Vulnerability in Xen 4.0.x through 4.7.x

Privilege Escalation and Denial of Service Vulnerability in Xen 4.0.x through 4.7.x

CVE-2016-9382 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

Xen 4.0.x through 4.7.x mishandle x86 task switches to VM86 mode, which allows local 32-bit x86 HVM guest OS users to gain privileges or cause a denial of service (guest OS crash) by leveraging a guest operating system that uses hardware task switching and allows a new task to start in VM86 mode.

Learn more about our User Device Pen Test.