{"id":"CVE-2016-3157","details":"The __switch_to function in arch/x86/kernel/process_64.c in the Linux kernel does not properly context-switch IOPL on 64-bit PV Xen guests, which allows local guest OS users to gain privileges, cause a denial of service (guest OS crash), or obtain sensitive information by leveraging I/O port access.","modified":"2026-03-15T22:06:32.364456Z","published":"2016-04-12T16:59:02.423Z","references":[{"type":"WEB","url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"},{"type":"WEB","url":"http://www.securityfocus.com/bid/84594"},{"type":"WEB","url":"http://www.securitytracker.com/id/1035308"},{"type":"ADVISORY","url":"http://www.ubuntu.com/usn/USN-2997-1"},{"type":"ADVISORY","url":"http://www.ubuntu.com/usn/USN-2968-2"},{"type":"ADVISORY","url":"http://www.ubuntu.com/usn/USN-2971-2"},{"type":"ADVISORY","url":"http://www.debian.org/security/2016/dsa-3607"},{"type":"ADVISORY","url":"http://www.ubuntu.com/usn/USN-2968-1"},{"type":"ADVISORY","url":"http://www.ubuntu.com/usn/USN-2969-1"},{"type":"ADVISORY","url":"http://www.ubuntu.com/usn/USN-2970-1"},{"type":"ADVISORY","url":"http://www.ubuntu.com/usn/USN-2971-1"},{"type":"ADVISORY","url":"http://www.ubuntu.com/usn/USN-2971-3"},{"type":"ADVISORY","url":"http://www.ubuntu.com/usn/USN-2996-1"},{"type":"FIX","url":"http://xenbits.xen.org/xsa/advisory-171.html"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-3157.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"4.0.0"}]},{"events":[{"introduced":"0"},{"last_affected":"12.04"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}