CVE-2016-1571

The paging_invlpg function in include/asm-x86/paging.h in Xen 3.3.x through 4.6.x, when using shadow mode paging or nested virtualization is enabled, allows local HVM guest users to cause a denial of service (host crash) via a non-canonical guest address in an INVVPID instruction, which triggers a hypervisor bug check.
Severity
MEDIUM
CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H
Atk. Vector
NETWORK
Atk. Complexity
HIGH
Priv. Required
LOW
Base Score
CVSS 3.x
EPSS Score
Percentile: 59%
VendorProductVersion
citrixxenserver
𝑥
≤ 6.5
xenxen
3.3.0
xenxen
3.3.1
xenxen
3.3.2
xenxen
3.4.0
xenxen
3.4.1
xenxen
3.4.2
xenxen
3.4.3
xenxen
3.4.4
xenxen
4.1.0
xenxen
4.1.1
xenxen
4.1.2
xenxen
4.1.3
xenxen
4.1.4
xenxen
4.1.5
xenxen
4.1.6
xenxen
4.1.6.1
xenxen
4.2.0
xenxen
4.2.1
xenxen
4.2.2
xenxen
4.2.3
xenxen
4.2.4
xenxen
4.2.5
xenxen
4.3.0
xenxen
4.3.1
xenxen
4.3.2
xenxen
4.3.3
xenxen
4.3.4
xenxen
4.4.0
xenxen
4.4.0
xenxen
4.4.1
xenxen
4.4.2
xenxen
4.4.3
xenxen
4.5.0
xenxen
4.5.1
xenxen
4.5.2
xenxen
4.6.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
xen
bullseye
4.14.6-1
fixed
bullseye (security)
4.14.5+94-ge49571868d-1
fixed
bookworm
4.17.3+10-g091466ba55-1~deb12u1
fixed
sid
4.17.3+36-g54dacb5c02-1
fixed
trixie
4.17.3+36-g54dacb5c02-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
xen
wily
Fixed 4.5.1-0ubuntu1.3
released
vivid
ignored
trusty
Fixed 4.4.2-0ubuntu0.14.04.5
released
precise
Fixed 4.1.6.1-0ubuntu0.12.04.10
released
Common Weakness Enumeration