5.7 Medium
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:A/AC:M/Au:N/C:N/I:N/A:C
0.005 Low
EPSS
Percentile
75.3%
Permission checks on the emulation paths (intended for guests using nested virtualization) for VMLAUNCH and VMRESUME were deferred too much. The hypervisor would try to use internal state which is not set up unless nested virtualization is actually enabled for a guest.
A malicious or misbehaved HVM guest, including malicious or misbehaved user mode code run in the guest, might be able to crash the host.
Xen 4.2.x and later are vulnerable. Xen 4.1.x and earlier are not vulnerable.
Only HVM guests run on VMX capable (e.g. Intel) hardware can take advantage of this vulnerability.