CVE-2016-7777
MEDIUMXen < 4.7.0 - Local FPU/MMX/XMM Register State Leak via Instruction Modification
Title source: llmDescription
Xen 4.7.x and earlier does not properly honor CR0.TS and CR0.EM, which allows local x86 HVM guest OS users to read or modify FPU, MMX, or XMM register state information belonging to arbitrary tasks on the guest by modifying an instruction while the hypervisor is preparing to emulate it.
References (5)
Core 5
Core References
Vendor Advisory x_refsource_confirm
https://support.citrix.com/article/CTX217363
Mitigation, Patch, Vendor Advisory x_refsource_confirm
http://xenbits.xen.org/xsa/advisory-190.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/93344
Third Party Advisory vendor-advisory
x_refsource_gentoo
https://security.gentoo.org/glsa/201611-09
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1036942
Scores
CVSS v3
6.3
EPSS
0.0012
EPSS Percentile
30.7%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
Details
CWE
CWE-362
Status
published
Products (1)
xen/xen
< 4.7.0
Published
Oct 07, 2016
Tracked Since
Feb 18, 2026