CVE-2016-3159 — LOW (3.8) — White Hats Nepal

Q: How severe is CVE-2016-3159?

CVE-2016-3159 has been rated LOW with a CVSS base score of 3.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2016-3159?

Check the references section above for vendor advisories and patch information. Affected products include: Oracle Vm Server, Xen Xen, Fedoraproject Fedora, Debian Debian Linux.

Vulnerability Description

The fpu_fxrstor function in arch/x86/i387.c in Xen 4.x does not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allows local guest OS users to obtain sensitive register content information from another guest by leveraging pending exception and mask bits. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-2076.

CVSS Score

3.8

LOW

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality

LOW

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Oracle	Vm Server	3.3
Xen	Xen	>= 4.3.0, <= 4.3.4
Fedoraproject	Fedora	22
Debian	Debian Linux	8.0

Related Weaknesses (CWE)

CWE-284 CWE-200

References

http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181699.htmlMailing ListThird Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181729.htmlMailing ListThird Party Advisory
http://support.citrix.com/article/CTX209443Third Party Advisory
http://www.debian.org/security/2016/dsa-3554Third Party Advisory
http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.htmThird Party Advisory
http://www.securityfocus.com/bid/85716Third Party AdvisoryVDB Entry
http://www.securitytracker.com/id/1035435Third Party AdvisoryVDB Entry
http://xenbits.xen.org/xsa/advisory-172.htmlPatchVendor Advisory
http://xenbits.xen.org/xsa/xsa172.patchPatchVendor Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181699.htmlMailing ListThird Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181729.htmlMailing ListThird Party Advisory
http://support.citrix.com/article/CTX209443Third Party Advisory
http://www.debian.org/security/2016/dsa-3554Third Party Advisory
http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.htmThird Party Advisory
http://www.securityfocus.com/bid/85716Third Party AdvisoryVDB Entry

FAQ

What is CVE-2016-3159?

CVE-2016-3159 is a vulnerability with a CVSS score of 3.8 (LOW). The fpu_fxrstor function in arch/x86/i387.c in Xen 4.x does not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allows local guest OS users to obtain sensitiv...

How severe is CVE-2016-3159?

CVE-2016-3159 has been rated LOW with a CVSS base score of 3.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2016-3159?

Check the references section above for vendor advisories and patch information. Affected products include: Oracle Vm Server, Xen Xen, Fedoraproject Fedora, Debian Debian Linux.