Launchpad CVE tracker

CVE 2016-4963

The libxl device-handling in Xen through 4.6.x allows local guest OS users with access to the driver domain to cause a denial of service (management tool confusion) by manipulating information in the backend directories in xenstore.

Related bugs and status

CVE-2016-4963 (Candidate) is related to these bugs:

Bug #1671760: Xen HVM guests running linux 4.10 fail to boot on Intel hosts

		In	Importance	Status
1671760	Xen HVM guests running linux 4.10 fail to boot on Intel hosts	xen (Ubuntu)	High	Fix Released
1671760	Xen HVM guests running linux 4.10 fail to boot on Intel hosts	xen (Ubuntu Zesty)	High	Fix Released
1671760	Xen HVM guests running linux 4.10 fail to boot on Intel hosts	xen (Ubuntu Trusty)	High	Fix Released
1671760	Xen HVM guests running linux 4.10 fail to boot on Intel hosts	xen (Ubuntu Yakkety)	High	Fix Released
1671760	Xen HVM guests running linux 4.10 fail to boot on Intel hosts	xen (Ubuntu Xenial)	High	Fix Released
1671760	Xen HVM guests running linux 4.10 fail to boot on Intel hosts	linux (Ubuntu)	Undecided	Won't Fix
1671760	Xen HVM guests running linux 4.10 fail to boot on Intel hosts	linux (Ubuntu Trusty)	Undecided	Invalid
1671760	Xen HVM guests running linux 4.10 fail to boot on Intel hosts	linux (Ubuntu Xenial)	Undecided	Invalid
1671760	Xen HVM guests running linux 4.10 fail to boot on Intel hosts	linux (Ubuntu Yakkety)	Undecided	Invalid
1671760	Xen HVM guests running linux 4.10 fail to boot on Intel hosts	linux (Ubuntu Zesty)	Undecided	Won't Fix

Bug #1671864: Xen stable update to 4.6.5

Summary				In	Importance	Status
	1671864	Xen stable update to 4.6.5		xen (Ubuntu)	Medium	Invalid
	1671864	Xen stable update to 4.6.5		xen (Ubuntu Xenial)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2016-4963

References