[3.3] xen: CR0.TS and CR0.EM not always honored for x86 HVM guests (CVE-2016-7777)
Xen 4.7.x and earlier does not properly honor CR0.TS and CR0.EM, which
allows local x86 HVM guest OS users to read or modify FPU, MMX,
or XMM register state information belonging to arbitrary tasks on the
guest by modifying an instruction while the hypervisor is preparing to
emulate it.
Reference:
http://xenbits.xen.org/xsa/advisory-190.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7777
(from redmine: issue id 6350, created on 2016-10-13, closed on 2017-09-05)
- Relations:
- parent #6347 (closed)
- Changesets:
- Revision 9bd4f34b by Sergei Lukin on 2016-12-13T10:09:15Z:
main/xen: security upgrade - fixes #6350, #6497
CVE-2016-7777
CVE-2016-9377
CVE-2016-9378
CVE-2016-9379
CVE-2016-9380
CVE-2016-9381
CVE-2016-9382
CVE-2016-9383
CVE-2016-9385
CVE-2016-9386