CVE-2016-3159
LOWOracle VM Server - Information Disclosure via FPU Register Handling
Title source: llmDescription
The fpu_fxrstor function in arch/x86/i387.c in Xen 4.x does not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allows local guest OS users to obtain sensitive register content information from another guest by leveraging pending exception and mask bits. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-2076.
References (9)
Core 9
Core References
Third Party Advisory x_refsource_confirm
http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181699.html
Patch, Vendor Advisory x_refsource_confirm
http://xenbits.xen.org/xsa/advisory-172.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/85716
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181729.html
Patch, Vendor Advisory x_refsource_confirm
http://xenbits.xen.org/xsa/xsa172.patch
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1035435
Third Party Advisory x_refsource_confirm
http://support.citrix.com/article/CTX209443
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2016/dsa-3554
Scores
CVSS v3
3.8
EPSS
0.0004
EPSS Percentile
11.1%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
Details
CWE
CWE-200
CWE-284
Status
published
Products (6)
debian/debian_linux
8.0
fedoraproject/fedora
22
fedoraproject/fedora
23
oracle/vm_server
3.3
oracle/vm_server
3.4
xen/xen
4.3.0 - 4.3.4
Published
Apr 13, 2016
Tracked Since
Feb 18, 2026