CVE-2016-7777 — Race Condition in XEN

CWE-362 — Race Condition8 documents6 sources

Severity

6.3MEDIUMNVD

EPSS

0.1%

top 68.76%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

XEN Debian XEN

Timeline

PublishedOct 7

Latest updateMay 17

Description

Xen 4.7.x and earlier does not properly honor CR0.TS and CR0.EM, which allows local x86 HVM guest OS users to read or modify FPU, MMX, or XMM register state information belonging to arbitrary tasks on the guest by modifying an instruction while the hypervisor is preparing to emulate it.

CVSS vector

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:NExploitability: 1.0 | Impact: 5.2

Affected Packages3 packages

▶debiandebian/xen< xen 4.8.0~rc3-1 (bookworm)

▶Debianxen/xen< 4.8.0~rc3-1+3

▶NVDxen/xen4.7.0

Patches

Patch: xenbits.xen.org ↗Patch: xenbits.xen.org ↗

🔴Vulnerability Details

GHSA

GHSA-cr4c-368c-2fc2: Xen 4↗2022-05-17

▶

OSV

CVE-2016-7777: Xen 4↗2016-10-07

▶

📋Vendor Advisories

Red Hat

xen: CR0.TS and CR0.EM not always honored for x86 HVM guests (XSA-190)↗2016-10-04

▶

Debian

CVE-2016-7777: xen - Xen 4.7.x and earlier does not properly honor CR0.TS and CR0.EM, which allows lo...↗2016

▶

💬Community

Bugzilla

CVE-2016-7777 xsa190 xen: CR0.TS and CR0.EM not always honored for x86 HVM guests (XSA-190) [fedora-all]↗2016-10-04

▶

Bugzilla

CVE-2016-7777 xsa190 xen: CR0.TS and CR0.EM not always honored for x86 HVM guests (XSA-190)↗2016-09-20

▶