Computer Emergency Response Team of Mauritius

Vulnerabilities in Xen

Severity Rating: Medium

System Affected:

Xen versions 4.5 and later

Multiple Vulnerabilities have been identified in Xen which allow a local user on the guest system to cause denial of service conditions on the guest system.

Moreover, an attacker can exploit these vulnerabilities to crash the guest, denying service to legitimate users.

Source

Solution

Users are advised to apply updates.

More information is available on:
Xen
http://xenbits.xenproject.org/xsa/advisory-196.html

Vendor Information

Xen

https://www.xenproject.org/

CVE Information
CVE-2016-9377
CVE-2016-9378

References

Security Focus

http://www.securityfocus.com/bid/94475/info

Contact Information

E-mail: contact@cert.ncb.mu

Postal address
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street
Port Louis

Top Link Bar

VN-2017-1

Subscribe to newsletter