[3.2] xen: CR0.TS and CR0.EM not always honored for x86 HVM guests (CVE-2016-7777)
Xen 4.7.x and earlier does not properly honor CR0.TS and CR0.EM, which
allows local x86 HVM guest OS users to read or modify FPU, MMX,
or XMM register state information belonging to arbitrary tasks on the
guest by modifying an instruction while the hypervisor is preparing to
emulate it.
Reference:
http://xenbits.xen.org/xsa/advisory-190.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7777
(from redmine: issue id 6351, created on 2016-10-13, closed on 2017-09-05)
- Relations:
- parent #6347 (closed)
- Changesets:
- Revision 473c36a9 by Sergei Lukin on 2016-12-13T10:04:58Z:
main/xen: security upgrade - fixes #6351, #6498
CVE-2016-7777
CVE-2016-9377
CVE-2016-9378
CVE-2016-9379
CVE-2016-9380
CVE-2016-9381
CVE-2016-9382
CVE-2016-9383
CVE-2016-9384
CVE-2016-9385
CVE-2016-9386