CVE-2016-9932 — Sensitive Information Exposure in XEN

CWE-200 — Sensitive Information Exposure7 documents6 sources

Severity

3.3LOWNVD

EPSS

0.1%

top 78.81%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

XEN Debian XEN

Timeline

PublishedJan 26

Latest updateMay 17

Description

CMPXCHG8B emulation in Xen 3.3.x through 4.7.x on x86 systems allows local HVM guest OS users to obtain sensitive information from host stack memory via a "supposedly-ignored" operand size prefix.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 1.8 | Impact: 1.4

Affected Packages3 packages

▶debiandebian/xen< xen 4.8.0~rc3-1 (bookworm)

▶Debianxen/xen< 4.8.0~rc3-1+3

▶NVDxen/xen45 versions+44

Patches

Patch: xenbits.xen.org ↗Patch: xenbits.xen.org ↗

🔴Vulnerability Details

GHSA

GHSA-888m-xr85-xxqp: CMPXCHG8B emulation in Xen 3↗2022-05-17

▶

OSV

CVE-2016-9932: CMPXCHG8B emulation in Xen 3↗2017-01-26

▶

📋Vendor Advisories

Red Hat

xen: x86 CMPXCHG8B emulation fails to ignore operand size override (XSA-200)↗2016-12-13

▶

Debian

CVE-2016-9932: xen - CMPXCHG8B emulation in Xen 3.3.x through 4.7.x on x86 systems allows local HVM g...↗2016

▶

💬Community

Bugzilla

CVE-2016-9932 xsa200 xen: x86 CMPXCHG8B emulation fails to ignore operand size override (XSA-200) [fedora-all]↗2016-12-13

▶

Bugzilla

CVE-2016-9932 xsa200 xen: x86 CMPXCHG8B emulation fails to ignore operand size override (XSA-200)↗2016-11-29

▶