CVE-2016-9377

Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when emulating instructions that generate software interrupts, allows local HVM guest OS users to cause a denial of service (guest crash) by leveraging IDT entry miscalculation.

Weakness

The product performs a calculation that generates incorrect or unintended results that are later used in security-critical decisions or resource management.

Affected Software

Name	Vendor	Start Version	End Version
Xen	Xen	4.5.0 (including)	4.5.0 (including)
Xen	Xen	4.5.1 (including)	4.5.1 (including)
Xen	Xen	4.5.2 (including)	4.5.2 (including)
Xen	Xen	4.5.3 (including)	4.5.3 (including)
Xen	Xen	4.5.5 (including)	4.5.5 (including)
Xen	Xen	4.6.0 (including)	4.6.0 (including)
Xen	Xen	4.6.1 (including)	4.6.1 (including)
Xen	Xen	4.6.3 (including)	4.6.3 (including)
Xen	Xen	4.6.4 (including)	4.6.4 (including)
Xen	Xen	4.7.0 (including)	4.7.0 (including)
Xen	Xen	4.7.1 (including)	4.7.1 (including)

Potential Mitigations

Use languages, libraries, or frameworks that make it easier to handle numbers without unexpected consequences.
Examples include safe integer handling packages such as SafeInt (C++) or IntegerLib (C or C++).
Use languages, libraries, or frameworks that make it easier to handle numbers without unexpected consequences.
Examples include safe integer handling packages such as SafeInt (C++) or IntegerLib (C or C++).

NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-9377
CWE	https://cwe.mitre.org/data/definitions/682.html

Incorrect Calculation

Weakness

Affected Software

Potential Mitigations

References

CVE-2016-9377

Incorrect Calculation

Weakness

Affected Software

Potential Mitigations

Related Attack Patterns

References