CVE-2013-2076
Xen 4.0.x-4.2.x - Information Disclosure via x87 Register Handling
Title source: llmDescription
Xen 4.0.x, 4.1.x, and 4.2.x, when running on AMD64 processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allows one domain to determine portions of the state of floating point instructions of other domains, which can be leveraged to obtain sensitive information such as cryptographic keys, a similar vulnerability to CVE-2006-1056. NOTE: this is the documented behavior of AMD64 processors, but it is inconsistent with Intel processors in a security-relevant fashion that was not addressed by the kernels.
References (5)
Core 5
Core References
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/55082
Third Party Advisory vendor-advisory
x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-201309-24.xml
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2013/06/03/1
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2014/dsa-3006
Scores
EPSS
0.0009
EPSS Percentile
25.8%
Details
CWE
CWE-200
Status
published
Products (14)
xen/xen
4.0.0
xen/xen
4.0.1
xen/xen
4.0.2
xen/xen
4.0.3
xen/xen
4.0.4
xen/xen
4.2.0
xen/xen
4.2.1
xen/xen
4.2.2
xen/xen
4.1.0
xen/xen
4.1.1
... and 4 more
Published
Aug 28, 2013
Tracked Since
Feb 18, 2026