4.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
0.0004 Low
EPSS
Percentile
5.2%
xen_failsafe_callback incorrectly sets up its stack if an iret fault is injected by the hypervisor.
Malicious or buggy unprivileged userspace can cause the guest kernel to crash, or operate erroneously.
All 32bit PVOPS versions of Linux are affected, since the introduction of Xen PVOPS support in 2.6.23. Classic-Xen kernels are not vulnerable.