CVE-2016-9382

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2016-9382

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-9382.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2016-9382

Downstream

ALPINE-CVE-2016-9382

DEBIAN-CVE-2016-9382

DLA-720-1

DSA-3729-1

SUSE-SU-2016:3044-1

SUSE-SU-2016:3067-1

SUSE-SU-2016:3083-1

SUSE-SU-2016:3156-1

SUSE-SU-2016:3174-1

SUSE-SU-2016:3273-1

UBUNTU-CVE-2016-9382

openSUSE-SU-2024:11520-1

Related

Published

2017-01-23T21:59:02Z

Modified

2025-08-09T20:01:27Z

Severity

7.8 (High) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Xen 4.0.x through 4.7.x mishandle x86 task switches to VM86 mode, which allows local 32-bit x86 HVM guest OS users to gain privileges or cause a denial of service (guest OS crash) by leveraging a guest operating system that uses hardware task switching and allows a new task to start in VM86 mode.

References

Affected packages