CVE-2016-3159: Infoleak
First published: Wed Apr 13 2016(Updated: )
The fpu_fxrstor function in arch/x86/i387.c in Xen 4.x does not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allows local guest OS users to obtain sensitive register content information from another guest by leveraging pending exception and mask bits. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-2076.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Oracle VM Server | =3.3 | |
| Oracle VM Server | =3.4 | |
| Xen xen-unstable | >=4.3.0<=4.3.4 | |
| Xen xen-unstable | >=4.4.0<=4.4.4 | |
| Xen xen-unstable | >=4.5.0<=4.5.3 | |
| Xen xen-unstable | >=4.6.0<=4.6.1 | |
| Fedora | =22 | |
| Fedora | =23 | |
| Debian | =8.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181699.html
- http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181729.html
- http://support.citrix.com/article/CTX209443
- http://www.debian.org/security/2016/dsa-3554
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- http://www.securityfocus.com/bid/85716
- http://www.securitytracker.com/id/1035435
- http://xenbits.xen.org/xsa/advisory-172.html
- http://xenbits.xen.org/xsa/xsa172.patch
Frequently Asked Questions
What is the severity of CVE-2016-3159?
The severity of CVE-2016-3159 is classified as medium, as it allows unauthorized access to sensitive information across guest OS environments.
How do I fix CVE-2016-3159?
To fix CVE-2016-3159, update your Xen or Oracle VM Server to a version that addresses this vulnerability.
Which software versions are affected by CVE-2016-3159?
CVE-2016-3159 affects several versions of Xen from 4.3.0 to 4.6.1 and specific releases of Oracle VM Server 3.3 and 3.4.
What type of vulnerability is identified in CVE-2016-3159?
CVE-2016-3159 is a local information disclosure vulnerability that can be exploited by a guest OS user.
Can CVE-2016-3159 be exploited remotely?
No, CVE-2016-3159 requires local access to the affected guest OS to be exploited.
- agent/type
- agent/remedy
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/severity
- agent/references
- agent/last-modified-date
- agent/weakness
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/oracle
- canonical/oracle vm server
- version/oracle vm server/3.3
- version/oracle vm server/3.4
- vendor/xen
- canonical/xen xen-unstable
- version/xen xen-unstable/4.3.0
- version/xen xen-unstable/4.3.4
- version/xen xen-unstable/4.4.0
- version/xen xen-unstable/4.4.4
- version/xen xen-unstable/4.5.0
- version/xen xen-unstable/4.5.3
- version/xen xen-unstable/4.6.0
- version/xen xen-unstable/4.6.1
- vendor/fedoraproject
- canonical/fedora
- version/fedora/22
- version/fedora/23
- vendor/debian
- canonical/debian
- version/debian/8.0