Home

CVE-2016-6259

Description

Xen 4.5.x through 4.7.x do not implement Supervisor Mode Access Prevention (SMAP) whitelisting in 32-bit exception and event delivery, which allows local 32-bit PV guest OS kernels to cause a denial of service (hypervisor and VM crash) by triggering a safety check.

Risk Information

Base Score
6.2
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.266

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities are affected in Citrix XenCenter 6.0Windows
Multiple Vulnerabilities are affected in Citrix XenCenter 6.0.2Windows
Vulnerabilities CVE-2016-6258,CVE-2016-6259 are affected in Citrix XenCenter 6.1Windows
Multiple Vulnerabilities are affected in Citrix XenCenter 6.2.0Windows
Vulnerabilities CVE-2016-6258,CVE-2016-6259 are affected in Citrix XenCenter 6.5.0-sp1Windows
Multiple Vulnerabilities are affected in Citrix XenCenter 7.0Windows
Improper Input Validation Vulnerability (CVE-2016-6259)NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234