CVE-2007-6416

critical

Description

The copy_to_user function in the PAL emulation functionality for Xen 3.1.2 and earlier, when running on ia64 systems, allows HVM guest users to access arbitrary physical memory by triggering certain mapping operations.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9840

http://www.securityfocus.com/bid/26954

http://www.redhat.com/support/errata/RHSA-2008-0089.html

http://secunia.com/advisories/28643

http://secunia.com/advisories/28146

http://osvdb.org/41344

Details

Source: Mitre, NVD

Published: 2007-12-17

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Severity: Critical