FreeBSD : xen-kernel -- PV superpage functionality missing sanity checks (7ed7c36f-ddaf-11e5-b2bd-002590263bf5)

The Xen Project reports : The PV superpage functionality lacks certain validity checks on data being passed to the hypervisor by guests. This is the case for the page identifier MFN passed to MMUEXTMARKSUPER and MMUEXTUNMARKSUPER sub-ops of the HYPERVISORmmuextop hypercall as well as for various...

CVE-2016-1570

The PV superpage functionality in arch/x86/mm.c in Xen 3.4.0, 3.4.1, and 4.1.x through 4.6.x allows local PV guests to obtain sensitive information, cause a denial of service, gain privileges, or have unspecified other impact via a crafted page identifier MFN to the 1 MMUEXTMARKSUPER or 2...