Xen is a virtual machine monitor
An out of bounds array access issue was found in the Xen virtual machine monitor, built with the QEMU ioport support. It could occur while doing ioport read/write operations, if guest was to supply a 32bit address parameter. A privileged guest user/process could use this flaw to potentially escalate their privileges on a host. (CVE-2016-9637)
A privileged guest user/process could use this flaw to potentially escalate their privileges on a host.
Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.
Refer to Red Hat security advisory RHSA-2016:2963 to address this issue and obtain more information.
Following are links for downloading patches to fix the vulnerabilities: