CVE 2016-7092
The get_page_from_l3e function in arch/x86/mm.c in Xen allows local 32-bit PV guest OS administrators to gain host OS privileges via vectors related to L3 recursive pagetables.
Related bugs and status
CVE-2016-7092 (Candidate) is related to these bugs:
Bug #1396670: gdbsx missing
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1396670 | gdbsx missing | xen (Ubuntu) | Medium | Fix Released | ||
| 1396670 | gdbsx missing | xen (Ubuntu Yakkety) | Medium | Fix Released | ||
Bug #1671760: Xen HVM guests running linux 4.10 fail to boot on Intel hosts
Bug #1671864: Xen stable update to 4.6.5
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1671864 | Xen stable update to 4.6.5 | xen (Ubuntu) | Medium | Invalid | ||
| 1671864 | Xen stable update to 4.6.5 | xen (Ubuntu Xenial) | Medium | Fix Released | ||
Bug #1672767: Xen stable update to 4.7.2
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1672767 | Xen stable update to 4.7.2 | xen (Ubuntu) | Medium | Invalid | ||
| 1672767 | Xen stable update to 4.7.2 | xen (Ubuntu Yakkety) | Medium | Fix Released | ||
See the 
CVE page on Mitre.org
for more details.
