1.9 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:N/I:N/A:P
0.001 Low
EPSS
Percentile
26.9%
arch/x86/x86_emulate/x86_emulate.c in Xen 3.2.1 through 4.4.x does not
properly check privileges, which allows local HVM guest users to gain
privileges or cause a denial of service (crash) via a crafted (1) CALL, (2)
JMP, (3) RETF, (4) LCALL, (5) LJMP, or (6) LRET far branch instruction.
Author | Note |
---|---|
mdeslaur | 3.2.1+ |