Description
The PV superpage functionality in arch/x86/mm.c in Xen 3.4.0, 3.4.1, and 4.1.x through 4.6.x allows local PV guests to obtain sensitive information, cause a denial of service, gain privileges, or have unspecified other impact via a crafted page identifier (MFN) to the (1) MMUEXT_MARK_SUPER or (2) MMUEXT_UNMARK_SUPER sub-op in the HYPERVISOR_mmuext_op hypercall or (3) unknown vectors related to page table updates.
Analysis and contextual insights are available on OpenCVE Cloud.
Remediation
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
Debian DLA |
DLA-479-1 | xen security update |
Debian DSA |
DSA-3519-1 | xen security update |
EUVD |
EUVD-2016-2665 | The PV superpage functionality in arch/x86/mm.c in Xen 3.4.0, 3.4.1, and 4.1.x through 4.6.x allows local PV guests to obtain sensitive information, cause a denial of service, gain privileges, or have unspecified other impact via a crafted page identifier (MFN) to the (1) MMUEXT_MARK_SUPER or (2) MMUEXT_UNMARK_SUPER sub-op in the HYPERVISOR_mmuext_op hypercall or (3) unknown vectors related to page table updates. |
References
History
No history.
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-05T23:02:11.689Z
Reserved: 2016-01-11T00:00:00.000Z
Link: CVE-2016-1570
No data.
Status : Modified
Published: 2016-01-22T15:59:05.913
Modified: 2026-06-17T00:42:11.210
Link: CVE-2016-1570
OpenCVE Enrichment
No data.
Weaknesses
Debian DLA
Debian DSA
EUVD