{"id": "CVE-2016-9818", "bulletinFamily": "NVD", "title": "CVE-2016-9818", "description": "Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host crash) via vectors involving an asynchronous abort while at HYP.", "published": "2017-02-27T22:59:00", "modified": "2017-07-28T01:29:00", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9818", "reporter": "cve@mitre.org", "references": ["http://xenbits.xen.org/xsa/xsa201-4.patch", "https://security.gentoo.org/glsa/201612-56", "http://www.securitytracker.com/id/1037358", "http://www.openwall.com/lists/oss-security/2016/11/29/3", "http://www.securityfocus.com/bid/94581", "http://xenbits.xen.org/xsa/advisory-201.html", "http://www.openwall.com/lists/oss-security/2016/12/05/7"], "cvelist": ["CVE-2016-9818"], "type": "cve", "lastseen": "2019-05-29T18:15:41", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "81ea3aeb30e5b38376d49e6743342d10"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "cda4701e24164b84c17d9a39fef3643b"}, {"key": "cpe23", "hash": "67108aa348977d91ac7e3e48df1c44a6"}, {"key": "cvelist", "hash": "3d25a9c9779c17d78cadfd64d055dc45"}, {"key": "cvss", "hash": "56e454327abce8ebd12f34a059bd8cee"}, {"key": "cvss2", "hash": "39e24753d1141df8bbbfe079d66c85b6"}, {"key": "cvss3", "hash": "df2347014cd69bdc69db072388d64ba7"}, {"key": "cwe", "hash": "bf65bed5ef164b420c3766cd1a3b85a5"}, {"key": "description", "hash": "e1a2841a2d63f75353189b9654d17273"}, {"key": "href", "hash": "048c4424462819c9f6e2455535fbc650"}, {"key": "modified", "hash": "d77794a71cfda534d11e976aab8350d7"}, {"key": "published", "hash": "aa38da11d276f83620b9c0700049cade"}, {"key": "references", "hash": "e022f77a246ac27b82083f202d339e82"}, {"key": "reporter", "hash": "444c2b4dda4a55437faa8bef1a141e84"}, {"key": "title", "hash": "138e256900aeaab302bcef1d59e8093b"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "48c8e639dea3d60142f79d76e03e0875dcd0f74db4d34326652bd75205aa2a34", "viewCount": 0, "enchantments": {"score": {"value": 4.6, "vector": "NONE", "modified": "2019-05-29T18:15:41"}, "dependencies": {"references": [{"type": "nessus", "idList": ["FEDORA_2016-BCBAE0781F.NASL", "FEDORA_2016-CC2916DCF4.NASL", "GENTOO_GLSA-201612-56.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310872166", "OPENVAS:1361412562310872184", "OPENVAS:1361412562310872169"]}, {"type": "gentoo", "idList": ["GLSA-201612-56"]}], "modified": "2019-05-29T18:15:41"}, "vulnersScore": 4.6}, "objectVersion": "1.3", "cpe": ["cpe:/o:xen:xen:4.7.1", "cpe:/a:xen:xen:4.7.1", "cpe:/o:xen:xen:4.7.0", "cpe:/a:xen:xen:4.7.0"], "affectedSoftware": [{"name": "xen xen", "operator": "eq", "version": "4.7.1"}, {"name": "xen xen", "operator": "eq", "version": "4.7.0"}], "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 4.9, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 2.0, "impactScore": 4.0}, "cpe23": ["cpe:2.3:o:xen:xen:4.7.0:*:*:*:*:*:*:*", "cpe:2.3:o:xen:xen:4.7.1:*:*:*:*:*:*:*"], "cwe": ["CWE-284"]}

{"nessus": [{"lastseen": "2019-02-21T01:28:51", "bulletinFamily": "scanner", "description": "ARM guests may induce host asynchronous abort [XSA-201, CVE-2016-9815, CVE-2016-9816, CVE-2016-9817, CVE-2016-9818] (#1399747) qemu: Divide by zero vulnerability in cirrus_do_copy (#1399055) [CVE-2016-9921, CVE-2016-9922] Qemu: 9pfs: memory leakage via proxy/handle callbacks (#1402278) qemu ioport array overflow [XSA-199, CVE-2016-9637]\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2017-03-06T00:00:00", "id": "FEDORA_2016-CC2916DCF4.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=96025", "published": "2016-12-20T00:00:00", "title": "Fedora 23 : xen (2016-cc2916dcf4)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-cc2916dcf4.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(96025);\n script_version(\"$Revision: 3.5 $\");\n script_cvs_date(\"$Date: 2017/03/06 14:38:26 $\");\n\n script_cve_id(\"CVE-2016-9637\", \"CVE-2016-9815\", \"CVE-2016-9816\", \"CVE-2016-9817\", \"CVE-2016-9818\", \"CVE-2016-9913\", \"CVE-2016-9921\", \"CVE-2016-9922\");\n script_xref(name:\"FEDORA\", value:\"2016-cc2916dcf4\");\n\n script_name(english:\"Fedora 23 : xen (2016-cc2916dcf4)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"ARM guests may induce host asynchronous abort [XSA-201, CVE-2016-9815,\nCVE-2016-9816, CVE-2016-9817, CVE-2016-9818] (#1399747) qemu: Divide\nby zero vulnerability in cirrus_do_copy (#1399055) [CVE-2016-9921,\nCVE-2016-9922] Qemu: 9pfs: memory leakage via proxy/handle callbacks\n(#1402278) qemu ioport array overflow [XSA-199, CVE-2016-9637]\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-cc2916dcf4\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected xen package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/12/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"xen-4.5.5-5.fc23\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xen\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:28:54", "bulletinFamily": "scanner", "description": "x86 CMPXCHG8B emulation fails to ignore operand size override [XSA-200, CVE-2016-9932] (#1404262)\n\n----\n\nARM guests may induce host asynchronous abort [XSA-201, CVE-2016-9815, CVE-2016-9816, CVE-2016-9817, CVE-2016-9818] (#1399747) qemu: Divide by zero vulnerability in cirrus_do_copy (#1399055) [CVE-2016-9921, CVE-2016-9922] Qemu: 9pfs: memory leakage via proxy/handle callbacks (#1402278) qemu ioport array overflow [XSA-199, CVE-2016-9637]\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2017-03-06T00:00:00", "id": "FEDORA_2016-BCBAE0781F.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=96113", "published": "2016-12-27T00:00:00", "title": "Fedora 24 : xen (2016-bcbae0781f)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-bcbae0781f.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(96113);\n script_version(\"$Revision: 3.6 $\");\n script_cvs_date(\"$Date: 2017/03/06 14:38:26 $\");\n\n script_cve_id(\"CVE-2016-9637\", \"CVE-2016-9815\", \"CVE-2016-9816\", \"CVE-2016-9817\", \"CVE-2016-9818\", \"CVE-2016-9913\", \"CVE-2016-9921\", \"CVE-2016-9922\", \"CVE-2016-9932\");\n script_xref(name:\"FEDORA\", value:\"2016-bcbae0781f\");\n\n script_name(english:\"Fedora 24 : xen (2016-bcbae0781f)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"x86 CMPXCHG8B emulation fails to ignore operand size override\n[XSA-200, CVE-2016-9932] (#1404262)\n\n----\n\nARM guests may induce host asynchronous abort [XSA-201, CVE-2016-9815,\nCVE-2016-9816, CVE-2016-9817, CVE-2016-9818] (#1399747) qemu: Divide\nby zero vulnerability in cirrus_do_copy (#1399055) [CVE-2016-9921,\nCVE-2016-9922] Qemu: 9pfs: memory leakage via proxy/handle callbacks\n(#1402278) qemu ioport array overflow [XSA-199, CVE-2016-9637]\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-bcbae0781f\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected xen package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:24\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/12/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^24([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 24\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC24\", reference:\"xen-4.6.4-4.fc24\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xen\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:28:56", "bulletinFamily": "scanner", "description": "The remote host is affected by the vulnerability described in GLSA-201612-56 (Xen: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Xen. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A local attacker could possibly execute arbitrary code with the privileges of the process, could gain privileges on the host system, cause a Denial of Service condition, or obtain sensitive information.\n Workaround :\n\n There is no known workaround at this time.", "modified": "2017-01-31T00:00:00", "id": "GENTOO_GLSA-201612-56.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=96231", "published": "2017-01-03T00:00:00", "title": "GLSA-201612-56 : Xen: Multiple vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201612-56.\n#\n# The advisory text is Copyright (C) 2001-2017 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(96231);\n script_version(\"$Revision: 3.6 $\");\n script_cvs_date(\"$Date: 2017/01/31 15:55:28 $\");\n\n script_cve_id(\"CVE-2016-10024\", \"CVE-2016-9377\", \"CVE-2016-9378\", \"CVE-2016-9379\", \"CVE-2016-9380\", \"CVE-2016-9381\", \"CVE-2016-9382\", \"CVE-2016-9383\", \"CVE-2016-9384\", \"CVE-2016-9385\", \"CVE-2016-9386\", \"CVE-2016-9637\", \"CVE-2016-9815\", \"CVE-2016-9816\", \"CVE-2016-9817\", \"CVE-2016-9818\", \"CVE-2016-9932\");\n script_xref(name:\"GLSA\", value:\"201612-56\");\n script_xref(name:\"IAVB\", value:\"2017-B-0008\");\n\n script_name(english:\"GLSA-201612-56 : Xen: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201612-56\n(Xen: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Xen. Please review the\n CVE identifiers referenced below for details.\n \nImpact :\n\n A local attacker could possibly execute arbitrary code with the\n privileges of the process, could gain privileges on the host system,\n cause a Denial of Service condition, or obtain sensitive information.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201612-56\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Xen users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-emulation/xen-4.7.1-r4'\n All Xen Tools users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose\n '>=app-emulation/xen-tools-4.7.1-r4'\n All Xen PvGrub users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose\n '>=app-emulation/xen-pvgrub-4.7.1-r1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:xen-pvgrub\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:xen-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/03\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"app-emulation/xen\", unaffected:make_list(\"ge 4.7.1-r4\"), vulnerable:make_list(\"lt 4.7.1-r4\"))) flag++;\nif (qpkg_check(package:\"app-emulation/xen-pvgrub\", unaffected:make_list(\"ge 4.7.1-r1\"), vulnerable:make_list(\"lt 4.7.1-r1\"))) flag++;\nif (qpkg_check(package:\"app-emulation/xen-tools\", unaffected:make_list(\"ge 4.7.1-r4\"), vulnerable:make_list(\"lt 4.7.1-r4\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Xen\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2019-05-29T18:35:13", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2016-12-19T00:00:00", "id": "OPENVAS:1361412562310872166", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872166", "title": "Fedora Update for xen FEDORA-2016-cc2916dcf4", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for xen FEDORA-2016-cc2916dcf4\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872166\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-19 06:13:39 +0100 (Mon, 19 Dec 2016)\");\n script_cve_id(\"CVE-2016-9815\", \"CVE-2016-9816\", \"CVE-2016-9817\", \"CVE-2016-9818\", \"CVE-2016-9921\", \"CVE-2016-9922\", \"CVE-2016-9637\", \"CVE-2016-9913\", \"CVE-2016-9914\", \"CVE-2016-9915\", \"CVE-2016-9916\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for xen FEDORA-2016-cc2916dcf4\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'xen'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"xen on Fedora 23\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-cc2916dcf4\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KBJRH37EFT37GXFTPXFFF6VA2QUNBKPB\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC23\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC23\")\n{\n\n if ((res = isrpmvuln(pkg:\"xen\", rpm:\"xen~4.5.5~5.fc23\", rls:\"FC23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:35:50", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2016-12-26T00:00:00", "id": "OPENVAS:1361412562310872184", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872184", "title": "Fedora Update for xen FEDORA-2016-bcbae0781f", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for xen FEDORA-2016-bcbae0781f\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872184\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-26 06:03:41 +0100 (Mon, 26 Dec 2016)\");\n script_cve_id(\"CVE-2016-9932\", \"CVE-2016-9815\", \"CVE-2016-9816\", \"CVE-2016-9817\",\n \"CVE-2016-9818\", \"CVE-2016-9921\", \"CVE-2016-9922\", \"CVE-2016-9637\",\n \"CVE-2016-9913\", \"CVE-2016-9914\", \"CVE-2016-9915\", \"CVE-2016-9916\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for xen FEDORA-2016-bcbae0781f\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'xen'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"xen on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-bcbae0781f\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YTUTHSETSKEL5RS2HA3FWRYANKYMNOXJ\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"xen\", rpm:\"xen~4.6.4~4.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:35:49", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2016-12-20T00:00:00", "id": "OPENVAS:1361412562310872169", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872169", "title": "Fedora Update for xen FEDORA-2016-1b868c23a9", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for xen FEDORA-2016-1b868c23a9\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872169\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-20 06:00:50 +0100 (Tue, 20 Dec 2016)\");\n script_cve_id(\"CVE-2016-9932\", \"CVE-2016-9815\", \"CVE-2016-9816\", \"CVE-2016-9817\",\n \"CVE-2016-9818\", \"CVE-2016-9921\", \"CVE-2016-9922\", \"CVE-2016-9913\",\n \"CVE-2016-9914\", \"CVE-2016-9915\", \"CVE-2016-9916\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for xen FEDORA-2016-1b868c23a9\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'xen'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"xen on Fedora 25\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-1b868c23a9\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N7OVS6LN5Y35RH3ERTM3HS25TCWC4HQH\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC25\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"xen\", rpm:\"xen~4.7.1~5.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}], "gentoo": [{"lastseen": "2017-01-01T02:13:30", "bulletinFamily": "unix", "description": "### Background\n\nXen is a bare-metal hypervisor.\n\n### Description\n\nMultiple vulnerabilities have been discovered in Xen. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA local attacker could possibly execute arbitrary code with the privileges of the process, could gain privileges on the host system, cause a Denial of Service condition, or obtain sensitive information. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Xen users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-emulation/xen-4.7.1-r4\"\n \n\nAll Xen Tools users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=app-emulation/xen-tools-4.7.1-r4\"\n \n\nAll Xen PvGrub users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=app-emulation/xen-pvgrub-4.7.1-r1\"", "modified": "2016-12-31T00:00:00", "published": "2016-12-31T00:00:00", "href": "https://security.gentoo.org/glsa/201612-56", "id": "GLSA-201612-56", "type": "gentoo", "title": "Xen: Multiple vulnerabilities", "cvss": {"score": 0.0, "vector": "NONE"}}]}