CVE-2016-3159
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The fpu_fxrstor function in arch/x86/i387.c in Xen 4.x does not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allows local guest OS users to obtain sensitive register content information from another guest by leveraging pending exception and mask bits. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-2076.
La función fpu_fxrstor en arch/x86/i387.c en Xen 4.x no maneja correctamente escrituras al bit FSW.ES hardware cuando se ejecuta en procesadores AMD64, lo que permite a usuarios locales del SO invitado obtener información sensible del contenido de registro de otro invitado aprovechando una excepción pendiente y bits de máscara. NOTA: esta vulnerabilidad existe por una solución incorrecta para CVE-2013-2076.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2016-03-15 CVE Reserved
- 2016-04-13 CVE Published
- 2024-08-05 CVE Updated
- 2024-09-26 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
- CWE-284: Improper Access Control
CAPEC
References (9)
| URL | Tag | Source |
|---|---|---|
| http://support.citrix.com/article/CTX209443 | Third Party Advisory | |
| http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html | Third Party Advisory |
|
| http://www.securityfocus.com/bid/85716 | Third Party Advisory | |
| http://www.securitytracker.com/id/1035435 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://xenbits.xen.org/xsa/advisory-172.html | 2019-02-21 | |
| http://xenbits.xen.org/xsa/xsa172.patch | 2019-02-21 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Oracle Search vendor "Oracle" | Vm Server Search vendor "Oracle" for product "Vm Server" | 3.3 Search vendor "Oracle" for product "Vm Server" and version "3.3" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Vm Server Search vendor "Oracle" for product "Vm Server" | 3.4 Search vendor "Oracle" for product "Vm Server" and version "3.4" | - |
Affected
| ||||||
| Xen Search vendor "Xen" | Xen Search vendor "Xen" for product "Xen" | >= 4.3.0 <= 4.3.4 Search vendor "Xen" for product "Xen" and version " >= 4.3.0 <= 4.3.4" | - |
Affected
| ||||||
| Xen Search vendor "Xen" | Xen Search vendor "Xen" for product "Xen" | >= 4.4.0 <= 4.4.4 Search vendor "Xen" for product "Xen" and version " >= 4.4.0 <= 4.4.4" | - |
Affected
| ||||||
| Xen Search vendor "Xen" | Xen Search vendor "Xen" for product "Xen" | >= 4.5.0 <= 4.5.3 Search vendor "Xen" for product "Xen" and version " >= 4.5.0 <= 4.5.3" | - |
Affected
| ||||||
| Xen Search vendor "Xen" | Xen Search vendor "Xen" for product "Xen" | >= 4.6.0 <= 4.6.1 Search vendor "Xen" for product "Xen" and version " >= 4.6.0 <= 4.6.1" | - |
Affected
| ||||||
| Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 22 Search vendor "Fedoraproject" for product "Fedora" and version "22" | - |
Affected
| ||||||
| Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 23 Search vendor "Fedoraproject" for product "Fedora" and version "23" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 8.0 Search vendor "Debian" for product "Debian Linux" and version "8.0" | - |
Affected
| ||||||