CVE-2016-9637 Red Hat Update for Xen Security (RHSA-2016:2963)

漏洞类别:RedHat

漏洞等级:

漏洞信息

Xen is a virtual machine monitor

An out of bounds array access issue was found in the Xen virtual machine monitor, built with the QEMU ioport support. It could occur while doing ioport read/write operations, if guest was to supply a 32bit address parameter. A privileged guest user/process could use this flaw to potentially escalate their privileges on a host. (CVE-2016-9637)

漏洞危害

A privileged guest user/process could use this flaw to potentially escalate their privileges on a host.

解决方案

Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

Refer to Red Hat security advisory RHSA-2016:2963 to address this issue and obtain more information.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

RHSA-2016:2963: Red Hat Enterprise Linux

0day

发表评论