CVE-2016-1571 / XSA-168
Bug #1564915 reported by
Philipp Hahn
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| xen (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Bug Description
<http://
VMX: intercept issue with INVLPG on non-canonical address
Revision history for this message
| Philipp Hahn (pmhahn) wrote | #1 |
Revision history for this message
| Marc Deslauriers (mdeslaur) wrote | #2 |
| information type: | Private Security → Public Security |
| Changed in xen (Ubuntu): | |
| status: | New → Fix Released |
To post a comment you must log in.
This was fixed by the following update:
xen (4.1.6.
* Applying Xen Security Advisories:
- CVE-2016-2270 / XSA-154
* x86: make get_page_from_l1e() return a proper error code
* x86: make mod_l1_entry() return a proper error code
* x86/mm: fix mod_l1_entry() return value when encountering r/o MMIO
page
* x86: enforce consistent cachability of MMIO mappings
- CVE-2016-1570 / XSA-167
* x86/mm: PV superpage handling lacks sanity checks
- CVE-2016-1571 / XSA-168
* x86/VMX: prevent INVVPID failure due to non-canonical guest address
- CVE-2015-8615 / XSA-169
* x86: make debug output consistent in hvm_set_
- CVE-2016-2271 / XSA-170
* x86/VMX: sanitize rIP before re-entering guest
-- Stefan Bader <email address hidden> Thu, 25 Feb 2016 09:25:57 +0100