CVE-2016-9637

Priority
Description
The (1) ioport_read and (2) ioport_write functions in Xen, when qemu is
used as a device model within Xen, might allow local x86 HVM guest OS
administrators to gain qemu process privileges via vectors involving an
out-of-range ioport access.
Notes
ratliffARM systems are not vulnerable according to the XSA
mdeslaurThis is XSA-199
Package
Source: qemu (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 14.04 ESM (Trusty Tahr):not-affected (code not present)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (code not present)
Package
Upstream:needs-triage
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Source: xen (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was released [4.4.2-0ubuntu0.14.04.9])
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
Binaries built from this source package are in universe and so are supported by the community. For more details see https://wiki.ubuntu.com/SecurityTeam/FAQ#Official_Support
More Information

Updated: 2020-03-18 22:47:11 UTC (commit 2ea7df7bd1e69e1e489978d2724a936eb3faa1b8)