[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-SUSE-SU-2016:2473-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":34,"duplicates":35,"related":36,"reserved_at":9,"published_at":47,"modified_at":48,"state":9,"summary":49,"references_raw":51,"kevs":184,"epss":9,"epss_history":185,"metrics":186,"affected":187},"SUSE-SU-2016:2473-1","Security update for xen\n\nThis update for xen fixes several issues.\n\nThese security issues were fixed:\n- CVE-2016-7092: The get_page_from_l3e function in arch/x86/mm.c in Xen allowed local 32-bit PV guest OS administrators to gain host OS privileges via vectors related to L3 recursive pagetables (bsc#995785).\n- CVE-2016-7093: Xen allowed local HVM guest OS administrators to overwrite hypervisor memory and consequently gain host OS privileges by leveraging mishandling of instruction pointer truncation during emulation (bsc#995789).\n- CVE-2016-7094: Buffer overflow in Xen allowed local x86 HVM guest OS administrators on guests running with shadow paging to cause a denial of service via a pagetable update (bsc#995792).\n- CVE-2016-6836: Information leakage in vmxnet3_complete_packet (bsc#994761).\n- CVE-2016-6888: Integer overflow in packet initialisation in VMXNET3 device driver. Aprivileged user inside guest c... (bsc#994772).\n- CVE-2016-6833: Use after free while writing (bsc#994775).\n- CVE-2016-6835: Buffer overflow in vmxnet_tx_pkt_parse_headers() in vmxnet3 deviceemulation. (bsc#994625).\n- CVE-2016-6834: An infinite loop during packet fragmentation (bsc#994421).\n- CVE-2016-6258: The PV pagetable code in arch/x86/mm.c in Xen allowed local 32-bit PV guest OS administrators to gain host OS privileges by leveraging fast-paths for updating pagetable entries (bsc#988675).\n- CVE-2016-6259: Xen did not implement Supervisor Mode Access Prevention (SMAP) whitelisting in 32-bit exception and event delivery, which allowed local 32-bit PV guest OS kernels to cause a denial of service (hypervisor and VM crash) by triggering a safety check (bsc#988676).\n\nThese non-security issues were fixed:\n- bsc#991934: Hypervisor crash in csched_acct\n- bsc#992224: During boot of Xen Hypervisor, failed to get contiguous memory for DMA\n- bsc#955104: Virsh reports error 'one or more references were leaked after disconnect from hypervisor' when 'virsh save' failed due to 'no response from client after 6 keepalive messages'\n- bsc#959552: Migration of HVM guest leads into libvirt segmentation fault\n- bsc#993665: Migration of xen guests finishes in: One or more references were leaked after disconnect from the hypervisor\n- bsc#959330: Guest migrations using virsh results in error 'Internal error: received hangup / error event on socket'\n- bsc#990500: VM virsh migration fails with keepalive error: ':virKeepAliveTimerInternal:143 : No response from client'\n- bsc#953518: Unplug also SCSI disks in qemu-xen-traditional for upstream unplug protocol\n- bsc#953518: xen_platform: unplug also SCSI disks in qemu-xen\n- bsc#971949: xl: Support (by ignoring) xl migrate --live. xl migrations are always live\n- bsc#970135: New virtualization project clock test randomly fails on Xen\n- bsc#990970: Add PMU support for Intel E7-8867 v4 (fam=6, model=79)\n",null,[],[],[],[14,16,18,20,22,24,26,28,30,32],{"_key":15},"CVE-2016-6258",{"_key":17},"CVE-2016-6259",{"_key":19},"CVE-2016-6833",{"_key":21},"CVE-2016-6834",{"_key":23},"CVE-2016-6835",{"_key":25},"CVE-2016-6836",{"_key":27},"CVE-2016-6888",{"_key":29},"CVE-2016-7092",{"_key":31},"CVE-2016-7093",{"_key":33},"CVE-2016-7094",[],[],[37,38,39,40,41,42,43,44,45,46],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},{"_key":25},{"_key":27},{"_key":29},{"_key":31},{"_key":33},"2016-10-07T09:05:05Z","2026-02-04T03:47:43.840925Z",{"cisa_kev":50,"cisa_ransomware":50,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[52,58,63,67,71,75,79,83,87,91,95,99,103,107,111,115,119,123,127,131,135,139,143,148,152,156,160,164,168,172,176,180],{"url":53,"sources":54,"tags":56},"https://www.suse.com/support/update/announcement/2016/suse-su-20162473-1/",[55],"osv_suse",[57],"Advisory",{"url":59,"sources":60,"tags":61},"https://bugzilla.suse.com/953518",[55],[62],"REPORT",{"url":64,"sources":65,"tags":66},"https://bugzilla.suse.com/955104",[55],[62],{"url":68,"sources":69,"tags":70},"https://bugzilla.suse.com/959330",[55],[62],{"url":72,"sources":73,"tags":74},"https://bugzilla.suse.com/959552",[55],[62],{"url":76,"sources":77,"tags":78},"https://bugzilla.suse.com/970135",[55],[62],{"url":80,"sources":81,"tags":82},"https://bugzilla.suse.com/971949",[55],[62],{"url":84,"sources":85,"tags":86},"https://bugzilla.suse.com/988675",[55],[62],{"url":88,"sources":89,"tags":90},"https://bugzilla.suse.com/988676",[55],[62],{"url":92,"sources":93,"tags":94},"https://bugzilla.suse.com/990500",[55],[62],{"url":96,"sources":97,"tags":98},"https://bugzilla.suse.com/990970",[55],[62],{"url":100,"sources":101,"tags":102},"https://bugzilla.suse.com/991934",[55],[62],{"url":104,"sources":105,"tags":106},"https://bugzilla.suse.com/992224",[55],[62],{"url":108,"sources":109,"tags":110},"https://bugzilla.suse.com/993665",[55],[62],{"url":112,"sources":113,"tags":114},"https://bugzilla.suse.com/994421",[55],[62],{"url":116,"sources":117,"tags":118},"https://bugzilla.suse.com/994625",[55],[62],{"url":120,"sources":121,"tags":122},"https://bugzilla.suse.com/994761",[55],[62],{"url":124,"sources":125,"tags":126},"https://bugzilla.suse.com/994772",[55],[62],{"url":128,"sources":129,"tags":130},"https://bugzilla.suse.com/994775",[55],[62],{"url":132,"sources":133,"tags":134},"https://bugzilla.suse.com/995785",[55],[62],{"url":136,"sources":137,"tags":138},"https://bugzilla.suse.com/995789",[55],[62],{"url":140,"sources":141,"tags":142},"https://bugzilla.suse.com/995792",[55],[62],{"url":144,"sources":145,"tags":146},"https://www.suse.com/security/cve/CVE-2016-6258",[55],[147],"WEB",{"url":149,"sources":150,"tags":151},"https://www.suse.com/security/cve/CVE-2016-6259",[55],[147],{"url":153,"sources":154,"tags":155},"https://www.suse.com/security/cve/CVE-2016-6833",[55],[147],{"url":157,"sources":158,"tags":159},"https://www.suse.com/security/cve/CVE-2016-6834",[55],[147],{"url":161,"sources":162,"tags":163},"https://www.suse.com/security/cve/CVE-2016-6835",[55],[147],{"url":165,"sources":166,"tags":167},"https://www.suse.com/security/cve/CVE-2016-6836",[55],[147],{"url":169,"sources":170,"tags":171},"https://www.suse.com/security/cve/CVE-2016-6888",[55],[147],{"url":173,"sources":174,"tags":175},"https://www.suse.com/security/cve/CVE-2016-7092",[55],[147],{"url":177,"sources":178,"tags":179},"https://www.suse.com/security/cve/CVE-2016-7093",[55],[147],{"url":181,"sources":182,"tags":183},"https://www.suse.com/security/cve/CVE-2016-7094",[55],[147],[],[],[],[188,201,205,209],{"ecosystem":189,"name":190,"vendor":191,"product":192,"cpe_part":9,"purl_type":193,"purl_namespace":191,"purl_name":192,"source":9,"versions":194},"SUSE Linux Enterprise","xen","suse","xen&distro=SUSE Linux Enterprise Desktop 12 SP1","rpm",[195],{"version":196,"is_range":197,"range_type":198,"version_start":9,"version_start_type":9,"version_end":199,"version_end_type":200,"fixed_in":9},"lt4_5_3_10_20_1",true,"ecosystem","4.5.3_10-20.1","excluding",{"ecosystem":189,"name":190,"vendor":191,"product":202,"cpe_part":9,"purl_type":193,"purl_namespace":191,"purl_name":202,"source":9,"versions":203},"xen&distro=SUSE Linux Enterprise Server 12 SP1",[204],{"version":196,"is_range":197,"range_type":198,"version_start":9,"version_start_type":9,"version_end":199,"version_end_type":200,"fixed_in":9},{"ecosystem":189,"name":190,"vendor":191,"product":206,"cpe_part":9,"purl_type":193,"purl_namespace":191,"purl_name":206,"source":9,"versions":207},"xen&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP1",[208],{"version":196,"is_range":197,"range_type":198,"version_start":9,"version_start_type":9,"version_end":199,"version_end_type":200,"fixed_in":9},{"ecosystem":189,"name":190,"vendor":191,"product":210,"cpe_part":9,"purl_type":193,"purl_namespace":191,"purl_name":210,"source":9,"versions":211},"xen&distro=SUSE Linux Enterprise Software Development Kit 12 SP1",[212],{"version":196,"is_range":197,"range_type":198,"version_start":9,"version_start_type":9,"version_end":199,"version_end_type":200,"fixed_in":9}]