CVE-2016-3159

CWE-200 — Information Exposure CWE-284 — Improper Access Control9 documents8 sources

Severity

3.8LOW

EPSS

0.0%

top 89.06%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

XEN XEN Debian Debian Linux Fedoraproject Fedora +1 more

Timeline

PublishedApr 13

Latest updateMay 14

Description

The fpu_fxrstor function in arch/x86/i387.c in Xen 4.x does not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allows local guest OS users to obtain sensitive register content information from another guest by leveraging pending exception and mask bits. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-2076.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:NExploitability: 2.0 | Impact: 1.4

Affected Packages3 packages

▶Debianxen< 4.8.0~rc3-1+3

▶NVDxen/xen4.3.0 — 4.3.4+3

▶NVDoracle/vm_server3.3, 3.4+1

Also affects: Debian Linux 8.0, Fedora 22, 23

Patches

Patch: xenbits.xen.org ↗Patch: xenbits.xen.org ↗Patch: xenbits.xen.org ↗

🔴Vulnerability Details

GHSA

GHSA-h55q-7cr6-wwr6: The fpu_fxrstor function in arch/x86/i387↗2022-05-14

▶

OSV

CVE-2016-3159: The fpu_fxrstor function in arch/x86/i387↗2016-04-13

▶

CVEList

CVE-2016-3159: The fpu_fxrstor function in arch/x86/i387↗2016-04-13

▶

📋Vendor Advisories

Red Hat

xen: AMD FPU FIP/FDP/FOP leak workaround broken (XSA-172)↗2016-03-24

▶

Debian

CVE-2016-3159: xen - The fpu_fxrstor function in arch/x86/i387.c in Xen 4.x does not properly handle ...↗2016

▶

Apache

Apache camel: CVE-2017-3159↗

▶

💬Community

Bugzilla

CVE-2016-3158 CVE-2016-3159 xen: AMD FPU FIP/FDP/FOP leak workaround broken (XSA-172) [fedora-all]↗2016-03-29

▶

Bugzilla

CVE-2016-3158 CVE-2016-3159 xen: AMD FPU FIP/FDP/FOP leak workaround broken (XSA-172)↗2016-03-15

▶