The PV pagetable code has fast-paths for making updates to pre-existing
pagetable entries, to skip expensive re-validation in safe cases
(e.g. clearing only Access/Dirty bits). The bits considered safe were too
broad, and not actually safe.
A malicous PV guest administrator can escalate their privilege to that
of the host.
All versions of Xen are vulnerable.
The vulnerability is only exposed to PV guests on x86 hardware.
The vulnerability is not exposed to x86 HVM guests, or ARM guests.
Running only HVM guests will avoid this vulnerability.
Name: the Xen project
Created attachment 1179130 [details]
Xen 4.5 patch
Created attachment 1179131 [details]
Xen 4.6 patch
Created attachment 1179132 [details]
CVE-2016-6258 was assigned to this issue.
Created xen tracking bugs for this issue:
Affects: fedora-all [bug 1360358]
xen-4.6.3-4.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report.
xen-4.5.3-9.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.