Memory Mapping Vulnerability in Xen Hypervisor Versions
CVE-2016-4480
8.4HIGH
Summary
The guest_walk_tables function within the Xen Hypervisor does not appropriately manage the Page Size (PS) page table entry bit at the L4 and L3 table levels. This oversight could potentially enable local guest OS users to manipulate memory mappings, leading to privilege escalation within the system. Exploiting this vulnerability may inadvertently allow users to gain higher access rights than intended, thus compromising the security and integrity of the virtual environment.
References
CVSS V3.1
Score:
8.4
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved