CVE-2016-7092 — xen - security update

Description

The get_page_from_l3e function in arch/x86/mm.c in Xen allows local 32-bit PV guest OS administrators to gain host OS privileges via vectors related to L3 recursive pagetables.

How to fix CVE-2016-7092

To remediate CVE-2016-7092, upgrade the affected package to a fixed version below.

Alpine/xen—upgrade to 4.7.0-r1 or later
Debian/xen—upgrade to 4.8.0~rc3-1 or later
—upgrade to 4.1.6.lts1-2 or later
—upgrade to 4.4.1-9+deb8u7 or later

Is CVE-2016-7092 being exploited?

Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.

Affected packages (4)

from 0, < 4.7.0-r1
from 0, < 4.8.0~rc3-1
from 0, < 4.1.6.lts1-2
from 0, < 4.4.1-9+deb8u7

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	HIGH8.2	CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

References (2)

ADVISORYsecurity.alpinelinux.org/vuln/CVE-2016-7092
ADVISORYsecurity-tracker.debian.org/tracker/CVE-2016-7092