vulnerability

Debian: CVE-2016-4480: xen -- security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:L/AC:L/Au:N/C:C/I:C/A:C)	May 18, 2016	Jul 28, 2016	Mar 30, 2026

Severity

CVSS

(AV:L/AC:L/Au:N/C:C/I:C/A:C)

Published

May 18, 2016

Added

Jul 28, 2016

Modified

Mar 30, 2026

Description

The guest_walk_tables function in arch/x86/mm/guest_walk.c in Xen 4.6.x and earlier does not properly handle the Page Size (PS) page table entry bit at the L4 and L3 page table levels, which might allow local guest OS users to gain privileges via a crafted mapping of memory.

Solution

debian-upgrade-xen

References

CVE-2016-4480
https://attackerkb.com/topics/CVE-2016-4480
DEBIAN-DLA-571-1
DEBIAN-DSA-3633
EUVD-EUVD-2016-5467
https://euvd.enisa.europa.eu/vulnerability/EUVD-2016-5467

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report