CVE-2016-9932

Опубликовано: 13 дек. 2016

Источник: redhat

CVSS3: 5

CVSS2: 3.5

EPSS Низкий

Описание

CMPXCHG8B emulation in Xen 3.3.x through 4.7.x on x86 systems allows local HVM guest OS users to obtain sensitive information from host stack memory via a "supposedly-ignored" operand size prefix.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 5	xen	Will not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

https://bugzilla.redhat.com/show_bug.cgi?id=1399745xen: x86 CMPXCHG8B emulation fails to ignore operand size override (XSA-200)

EPSS

Процентиль: 21%

0.00069

Низкий

5 Medium

CVSS3

3.5 Low

CVSS2

Связанные уязвимости

CVE-2016-9932

CVSS3: 3.3

ubuntu

около 9 лет назад

CMPXCHG8B emulation in Xen 3.3.x through 4.7.x on x86 systems allows local HVM guest OS users to obtain sensitive information from host stack memory via a "supposedly-ignored" operand size prefix.

CVE-2016-9932

CVSS3: 3.3

nvd

около 9 лет назад

CMPXCHG8B emulation in Xen 3.3.x through 4.7.x on x86 systems allows local HVM guest OS users to obtain sensitive information from host stack memory via a "supposedly-ignored" operand size prefix.

CVE-2016-9932

CVSS3: 3.3

debian

около 9 лет назад

CMPXCHG8B emulation in Xen 3.3.x through 4.7.x on x86 systems allows l ...

GHSA-888m-xr85-xxqp

CVSS3: 3.3

github

больше 3 лет назад

CMPXCHG8B emulation in Xen 3.3.x through 4.7.x on x86 systems allows local HVM guest OS users to obtain sensitive information from host stack memory via a "supposedly-ignored" operand size prefix.

SUSE-SU-2016:3241-1

suse-cvrf

около 9 лет назад

Security update for xen

EPSS

Процентиль: 21%

0.00069

Низкий

5 Medium

CVSS3

3.5 Low

CVSS2