Vulnerabilities

CVE-2016-1571

by Fred · 22/01/2016

The paging_invlpg function in include/asm-x86/paging.h in Xen 3.3.x through 4.6.x, when using shadow mode paging or nested virtualization is enabled, allows local HVM guest users to cause a denial of service (host crash) via a non-canonical guest address in an INVVPID instruction, which triggers a hypervisor bug check.

Date published : 2016-01-22

http://support.citrix.com/article/CTX205496

http://xenbits.xen.org/xsa/advisory-168.html

Similar

Tags: Cybersecurity Alert