Xen 4.5.3, 4.6.3, and 4.7.x allow local HVM guest OS administrators to overwrite hypervisor memory and consequently gain host OS privileges by leveraging mishandling of instruction pointer truncation during emulation.Referenceshttp://xenbits.xen.org/xsa/advisory-186.htmlhttp://www.securityfocus.com/bid/92865http://xenbits.xen.org/xsa/xsa186-0001-x86-emulate-Correct-boundary-interactions-of-emulate.patchhttp://support.citrix.com/article/CTX216071http://www.securitytracker.com/id/1036752https://security.gentoo.org/glsa/201611-09
