ALPINE-CVE-2016-7093

ALPINE-CVE-2016-7093 PUBLISHED CVSS 8.199999809265137 HIGH

Xen 4.5.3, 4.6.3, and 4.7.x allow local HVM guest OS administrators to overwrite hypervisor memory and consequently gain host OS privileges by leveraging mishandling of instruction pointer truncation during emulation.

Risk Scores

CVSS 3.0

8.199999809265137

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Affected Products

Vendor	Product	Versions
Alpine:v3.22	xen	0, 0, 4.0.1-r0
Alpine:v3.15	xen	0, 4.5.0-r0, 0
Alpine:v3.20	xen	4.1.0-r2, 4.0.1-r0, 4.0.1-r1
Alpine:v3.12	xen	4.3.0-r6, 4.0.1-r3, 4.1.0-r0
Alpine:v3.7	xen	4.6.3-r1, 0, 4.0.1-r1
Alpine:v3.19	xen	4.0.1-r1, 4.0.1-r2, 4.0.1-r3
Alpine:v3.8	xen	0, 4.2.1-r1, 4.0.1-r0
Alpine:v3.5	xen	0, 4.7.0-r0, 4.6.3-r1
Alpine:v3.9	xen	4.3.1-r1, 4.7.0-r0, 4.6.3-r1
Alpine:v3.18	xen	4.2.2-r11, 4.0.1-r0, 4.0.1-r1
Alpine:v3.14	xen	0, 4.0.1-r1, 4.0.1-r2
Alpine:v3.24	xen	0
Alpine:v3.17	xen	0, 4.7.0-r0, 4.6.3-r1
Alpine:v3.4	xen	4.0.1-r0, 4.0.1-r2, 4.0.1-r3
Alpine:v3.6	xen	4.6.0-r5, 0, 4.0.1-r0
Alpine:v3.23	xen	4.7.0-r0, 4.0.1-r0, 4.0.1-r2
Alpine:v3.11	xen	4.6.0-r1, 4.7.0-r0, 4.0.1-r0
Alpine:v3.13	xen	4.2.2-r11, 0, 4.7.0-r0
Alpine:v3.21	xen	4.1.2-r8, 4.6.0-r0, 4.6.0-r1
Alpine:v3.16	xen	0, 4.0.1-r2, 4.7.0-r0

…and 1 more

Timeline

Sep 21, 2016 CVE Published
Apr 30, 2026 Distribution Patch
Jun 9, 2026 CVE Updated

References

https://security.alpinelinux.org/vuln/CVE-2016-7093 advisory

Open in Interactive Console →