CVE-2016-3158
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The xrstor function in arch/x86/xstate.c in Xen 4.x does not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allows local guest OS users to obtain sensitive register content information from another guest by leveraging pending exception and mask bits. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-2076.
La función xrstor en arch/x86/xstate.c en Xen 4.x no maneja correctamente escrituras al bit FSW.ES hardware cuando se ejecuta en procesadores AMD64, lo que permite a usuarios locales del SO invitado obtener información sensible del contenido de registro de otro invitado aprovechando una excepción pendiente y bits de máscara. NOTA: esta vulnerabilidad existe por una solución incorrecta para CVE-2013-2076.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2016-03-15 CVE Reserved
- 2016-04-13 CVE Published
- 2024-08-05 CVE Updated
- 2024-09-26 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
- CWE-284: Improper Access Control
CAPEC
References (10)
URL | Tag | Source |
---|---|---|
http://support.citrix.com/article/CTX209443 | X_refsource_confirm | |
http://www.securityfocus.com/bid/85714 | Third Party Advisory | |
http://www.securitytracker.com/id/1035435 | Third Party Advisory |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://xenbits.xen.org/xsa/xsa172-4.3.patch | 2016-12-03 | |
http://xenbits.xen.org/xsa/xsa172.patch | 2016-12-03 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Xen Search vendor "Xen" | Xen Search vendor "Xen" for product "Xen" | <= 4.4.0 Search vendor "Xen" for product "Xen" and version " <= 4.4.0" | - |
Affected
| ||||||
Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 22 Search vendor "Fedoraproject" for product "Fedora" and version "22" | - |
Affected
| ||||||
Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 23 Search vendor "Fedoraproject" for product "Fedora" and version "23" | - |
Affected
| ||||||
Oracle Search vendor "Oracle" | Vm Server Search vendor "Oracle" for product "Vm Server" | 3.3 Search vendor "Oracle" for product "Vm Server" and version "3.3" | - |
Affected
| ||||||
Oracle Search vendor "Oracle" | Vm Server Search vendor "Oracle" for product "Vm Server" | 3.4 Search vendor "Oracle" for product "Vm Server" and version "3.4" | - |
Affected
|