5.2 Medium
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:A/AC:L/Au:S/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
26.7%
Xen 3.0.3 through 4.1.x (possibly 4.1.6.1), 4.2.x (possibly 4.2.3), and
4.3.x (possibly 4.3.1) does not properly prevent access to hypercalls,
which allows local guest users to gain privileges via a crafted application
running in ring 1 or 2.
Author | Note |
---|---|
mdeslaur | This is XSA-76 Xen 3.0.3 and later are affected |