VDB
ALPINE-CVE-2016-9386
ALPINE-CVE-2016-9386
PUBLISHED
CVSS 7.800000190734863 HIGH
The x86 emulator in Xen does not properly treat x86 NULL segments as unusable when accessing memory, which might allow local HVM guest users to gain privileges via vectors involving "unexpected" base/limit values.
Risk Scores
CVSS 3.0
7.800000190734863
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Alpine:v3.7 | xen | 0, 4.7.1-r0, 0 |
| Alpine:v3.23 | xen | 4.3.3-r0, 0, 4.7.1-r0 |
| Alpine:v3.21 | xen | 4.7.1-r0, 4.0.1-r0, 4.0.1-r1 |
| Alpine:v3.12 | xen | 4.7.1-r0, 0, 4.0.1-r1 |
| Alpine:v3.20 | xen | 4.4.2-r1, 4.1.2-r7, 0 |
| Alpine:v3.22 | xen | 0, 4.0.1-r0, 4.0.1-r1 |
| Alpine:v3.9 | xen | 4.7.1-r0, 4.0.1-r0, 4.0.1-r1 |
| Alpine:v3.5 | xen | 0, 0, 4.0.1-r0 |
| Alpine:v3.8 | xen | 0, 4.0.1-r0, 4.0.1-r1 |
| Alpine:v3.10 | xen | 4.2.1-r10, 0, 4.0.1-r1 |
| Alpine:v3.16 | xen | 4.0.1-r2, 0, 4.7.1-r0 |
| Alpine:v3.17 | xen | 4.7.1-r0, 0, 4.1.0-r2 |
| Alpine:v3.19 | xen | 4.0.1-r1, 4.0.1-r0, 4.1.0-r0 |
| Alpine:v3.13 | xen | 4.1.0-r0, 0, 0 |
| Alpine:v3.18 | xen | 0, 4.7.1-r0, 4.7.0-r5 |
| Alpine:v3.24 | xen | 0 |
| Alpine:v3.14 | xen | 4.0.1-r2, 4.0.1-r3, 4.1.0-r0 |
| Alpine:v3.6 | xen | 4.0.1-r0, 4.7.1-r0, 4.7.0-r5 |
| Alpine:v3.15 | xen | 0, 4.0.1-r0, 4.0.1-r1 |
| Alpine:v3.11 | xen | 0, 4.7.0-r5, 4.7.0-r4 |
Timeline
- Jan 23, 2017 CVE Published
- Apr 30, 2026 Distribution Patch
- Jun 9, 2026 CVE Updated