High severity8.2NVD Advisory· Published Sep 21, 2016· Updated May 6, 2026

CVE-2016-7092

Description

The get_page_from_l3e function in arch/x86/mm.c in Xen allows local 32-bit PV guest OS administrators to gain host OS privileges via vectors related to L3 recursive pagetables.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

xenbits.xen.org/xsa/advisory-185.htmlnvdPatchVendor Advisory
xenbits.xen.org/xsa/xsa185.patchnvdPatchVendor Advisory
support.citrix.com/article/CTX216071nvdThird Party Advisory
www.securityfocus.com/bid/92862nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/id/1036751nvdThird Party AdvisoryVDB Entry
www.debian.org/security/2016/dsa-3663nvd
www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.htmlnvd
security.gentoo.org/glsa/201611-09nvd

News mentions

No linked articles in our index yet.

cvss	0.533
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000