Vulnerability Details CVE-2007-6416
The copy_to_user function in the PAL emulation functionality for Xen 3.1.2 and earlier, when running on ia64 systems, allows HVM guest users to access arbitrary physical memory by triggering certain mapping operations.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 35.2%
CVSS Severity
CVSS v2 Score 4.6
References
- http://osvdb.org/41344
- http://secunia.com/advisories/28146
- http://secunia.com/advisories/28643
- http://www.redhat.com/support/errata/RHSA-2008-0089.html
- http://www.securityfocus.com/bid/26954
- http://xenbits.xensource.com/ext/ia64/xen-unstable.hg?rev/e6069a715fd7
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9840
- http://osvdb.org/41344
- http://secunia.com/advisories/28146
- http://secunia.com/advisories/28643
- http://www.redhat.com/support/errata/RHSA-2008-0089.html
- http://www.securityfocus.com/bid/26954
- http://xenbits.xensource.com/ext/ia64/xen-unstable.hg?rev/e6069a715fd7
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9840