Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2016-3159

Опубликовано: 13 апр. 2016
Источник: debian

Описание

The fpu_fxrstor function in arch/x86/i387.c in Xen 4.x does not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allows local guest OS users to obtain sensitive register content information from another guest by leveraging pending exception and mask bits. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-2076.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
xenfixed4.8.0~rc3-1package

Примечания

  • http://xenbits.xen.org/xsa/advisory-172.html

  • CVE-2016-3159 is for the code change which is applicable for later

  • versions only, but which must always be combined with the code change

  • for CVE-2016-3158. Ie for the first hunk in xsa172.patch, which

  • patches the function fpu_fxrstor.

Связанные уязвимости

ubuntu логотип

CVE-2016-3159

CVSS3: 3.8
ubuntu
почти 10 лет назад

The fpu_fxrstor function in arch/x86/i387.c in Xen 4.x does not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allows local guest OS users to obtain sensitive register content information from another guest by leveraging pending exception and mask bits. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-2076.

redhat логотип

CVE-2016-3159

redhat
почти 10 лет назад

The fpu_fxrstor function in arch/x86/i387.c in Xen 4.x does not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allows local guest OS users to obtain sensitive register content information from another guest by leveraging pending exception and mask bits. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-2076.

nvd логотип

CVE-2016-3159

CVSS3: 3.8
nvd
почти 10 лет назад

The fpu_fxrstor function in arch/x86/i387.c in Xen 4.x does not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allows local guest OS users to obtain sensitive register content information from another guest by leveraging pending exception and mask bits. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-2076.

github логотип

GHSA-h55q-7cr6-wwr6

CVSS3: 3.8
github
больше 3 лет назад

The fpu_fxrstor function in arch/x86/i387.c in Xen 4.x does not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allows local guest OS users to obtain sensitive register content information from another guest by leveraging pending exception and mask bits. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-2076.

fstec логотип

BDU:2016-01039

fstec
почти 10 лет назад

Уязвимость гипервизора Xen, позволяющая нарушителю получить доступ к защищаемой информации о содержимом регистра