Candidate: CVE-2016-9386
PublicDate: 2017-01-23 21:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9386
 https://xenbits.xen.org/xsa/advisory-191.html
Description:
 The x86 emulator in Xen does not properly treat x86 NULL segments as
 unusable when accessing memory, which might allow local HVM guest users to
 gain privileges via vectors involving "unexpected" base/limit values.
Ubuntu-Description:
Notes:
 mdeslaur> This is XSA-191
Bugs:
Priority: medium
Discovered-by: Andrew Cooper
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H [7.8 HIGH]

Patches_xen:
Tags_xen: universe-binary
upstream_xen: needed
precise_xen: released (4.1.6.1-0ubuntu0.12.04.13)
precise/esm_xen: DNE (precise was released [4.1.6.1-0ubuntu0.12.04.13])
trusty_xen: released (4.4.2-0ubuntu0.14.04.9)
trusty/esm_xen: DNE (trusty was released [4.4.2-0ubuntu0.14.04.9])
vivid/ubuntu-core_xen: DNE
vivid/stable-phone-overlay_xen: DNE
xenial_xen: released (4.6.0-1ubuntu4.3)
esm-infra/xenial_xen: released (4.6.0-1ubuntu4.3)
yakkety_xen: released (4.7.0-0ubuntu2.1)
zesty_xen: released (4.8.0-1ubuntu1)
devel_xen: released (4.8.0-1ubuntu1)