VDB
CVE-2016-7093
CVE-2016-7093
REJECTED
Xen 4.5.3, 4.6.3, and 4.7.x allow local HVM guest OS administrators to overwrite hypervisor memory and consequently gain host OS privileges by leveraging mishandling of instruction pointer truncation during emulation.
EPSS 0.06% · 19.1th percentile
Risk Scores
EPSS Score
0.06%
19.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:16.04:LTS | xen | 0, 4.5.1-0ubuntu1, 4.5.1-0ubuntu2 |
Timeline
- Jun 20, 2016 PoC Published
- Sep 9, 2016 CVE Published
- Jul 20, 2018 PoC Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
References
- https://ubuntu.com/security/CVE-2016-7093 third-party-advisory
- http://xenbits.xen.org/xsa/advisory-186.html third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2016-7093 third-party-advisory