CVE-2016-5242

The p2m_teardown function in arch/arm/p2m.c in Xen 4.4.x through 4.6.x allows local guest OS users with access to the driver domain to cause a denial of service (NULL pointer dereference and host OS crash) by creating concurrent domains and holding references to them, related to VMID exhaustion.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.6 MEDIUM
LOCAL
HIGH
LOW
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 34%
VendorProductVersion
xenxen
4.4.0
xenxen
4.4.0:rc1
xenxen
4.4.1
xenxen
4.4.2
xenxen
4.4.3
xenxen
4.4.4
xenxen
4.5.0
xenxen
4.5.1
xenxen
4.5.2
xenxen
4.5.3
xenxen
4.6.0
xenxen
4.6.1
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
xen
bullseye
4.14.6-1
fixed
wheezy
not-affected
bullseye (security)
4.14.5+94-ge49571868d-1
fixed
bookworm
4.17.3+10-g091466ba55-1~deb12u1
fixed
sid
4.17.3+36-g54dacb5c02-1
fixed
trixie
4.17.3+36-g54dacb5c02-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
xen
xenial
Fixed 4.6.0-1ubuntu4.1
released
wily
Fixed 4.5.1-0ubuntu1.4
released
trusty
Fixed 4.4.2-0ubuntu0.14.04.6
released
precise
not-affected
References
http://www.debian.org/security/2016/dsa-3633
http://www.securityfocus.com/bid/91015
http://www.securitytracker.com/id/1036035
http://xenbits.xen.org/xsa/advisory-181.html
http://www.debian.org/security/2016/dsa-3633
http://www.securityfocus.com/bid/91015
http://www.securitytracker.com/id/1036035
http://xenbits.xen.org/xsa/advisory-181.html