CVE 2016-3158
The xrstor function in arch/x86/xstate.c in Xen 4.x does not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allows local guest OS users to obtain sensitive register content information from another guest by leveraging pending exception and mask bits. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-2076.
Related bugs and status
CVE-2016-3158 (Candidate) is related to these bugs:
Bug #1581419: XSA-172 / CVE-2016-3158
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1581419 | XSA-172 / CVE-2016-3158 | xen (Ubuntu) | Medium | Fix Released | ||
1581419 | XSA-172 / CVE-2016-3158 | xen (Ubuntu Precise) | Medium | Fix Released | ||
1581419 | XSA-172 / CVE-2016-3158 | xen (Ubuntu Wily) | Medium | Fix Released | ||
1581419 | XSA-172 / CVE-2016-3158 | xen (Ubuntu Xenial) | Medium | Fix Released | ||
1581419 | XSA-172 / CVE-2016-3158 | xen (Ubuntu Trusty) | Medium | Fix Released |
Bug #1671760: Xen HVM guests running linux 4.10 fail to boot on Intel hosts
Bug #1671864: Xen stable update to 4.6.5
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1671864 | Xen stable update to 4.6.5 | xen (Ubuntu) | Medium | Invalid | ||
1671864 | Xen stable update to 4.6.5 | xen (Ubuntu Xenial) | Medium | Fix Released |
See the
CVE page on Mitre.org
for more details.