Vulnerability Description
Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when emulating instructions that generate software interrupts, allows local HVM guest OS users to cause a denial of service (guest crash) by leveraging an incorrect choice for software interrupt delivery.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Xen | Xen | 4.5.0 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/94475
- http://www.securitytracker.com/id/1037345
- http://xenbits.xen.org/xsa/advisory-196.htmlPatchVendor Advisory
- https://security.gentoo.org/glsa/201612-56
- http://www.securityfocus.com/bid/94475
- http://www.securitytracker.com/id/1037345
- http://xenbits.xen.org/xsa/advisory-196.htmlPatchVendor Advisory
- https://security.gentoo.org/glsa/201612-56
FAQ
What is CVE-2016-9378?
CVE-2016-9378 is a vulnerability with a CVSS score of 5.5 (MEDIUM). Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when emulating instructions that generate software interrupts, allows local HVM guest OS users to cause a denial of service (guest cras...
How severe is CVE-2016-9378?
CVE-2016-9378 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2016-9378?
Check the references section above for vendor advisories and patch information. Affected products include: Xen Xen.